Menu Close
Close
Facebook Instagram

DOCTOR PATIENT CONFIDENTIALITY AND ITS DISCLOSURE

Dr Mahesh Baldwa, Dr Sushila Baldwa, Dr Varsha Baldwa, Dr Namita Padvi

Confidentiality and privacy are essential to all trusting relationships, such as that between patients and doctors. Moreover, in a healthcare context, patient confidentiality and the protection of privacy is the foundation of the doctor-patient relationship. Patients must feel comfortable sharing private information about their bodily functions, physical and sexual activities, and medical history.

Confidential information disclosure

Disclosure of information gained by a doctor during examination and interrogation of the patient or after laboratory tests is a tricky matter. Giving information to a patient is not normally a problem; giving information to relatives or an unrelated third party is almost always problematic. The widespread confusion is partly because doctors fail to realize there are two distinct ways to look at the problem: the legal angle and that related to medical ethics.

Definition and meaning

The Black’s Law Dictionary defines confidentiality as secrecy or the state of having the dissemination of certain information restricted.

Span of confidentiality

Healthcare personnel must acquire, process, store, retrieve and transfer clinical, administrative and financial health information as healthcare is an extremely information intensive and sensitive industry. Confidentiality may also refer to the relation between doctor and patient or guardian and ward, or between spouses, with regard to the trust that is placed in the one by the other. Breach of confidentiality, then, refers to the violation of this trust that has been placed in another in a fiduciary relationship. The unfortunate aspect of the robust data flows is the inherent problem of the misuse of information, disclosure of confidential information and risk of privacy violations.

Breach of confidence is tort

Privacy violations in the healthcare sector that stem from policy and implementation gaps include: disclosure of personal health information to third parties without consent, inadequate notification to a patient of a data breach, unlimited or unnecessary collection of personal health data, collection of personal health data that is not accurate or relevant, the purpose of collecting data is not specified, refusal to provide medical records upon request by client, provision of personal health data to public health, research, and commercial uses without de-identification of data and improper security standards, storage and disposal. The disclosure of personal health information has the potential to be embarrassing, stigmatizing or discriminatory. Furthermore, various reasons such as employment, life, and medical insurance, could at risk if the flow of medical information were not restricted.

Breach of confidence has been seen as an independent tort. Any information received by either an explicit or implicit (through the fiduciary nature of the relationship) responsibility of maintaining confidence on the part of the recipient of such information, if disclosed to others may give rise to the tort of breach of confidentiality. Confidentiality is widely seen as an equitable principle and therefore the remedies may include primarily injunctions, but also damages for the pecuniary or mental losses suffered by the person whose confidence has been violated. In case the breach of confidence has profited the violator in monetary terms, these profits may also be taken into account while deciding damages. Injunction may also be used as a remedy to forestall the publication of information that may be detrimental to the person whose confidence is breached.

In India, there has been growing awareness about confidentiality in recent time. The tort of breach of confidentiality in India is based upon the violation of right to privacy. There is indeed a close, nebulous relationship between the violation of right to privacy and breach of confidence when the information in question is private personal information, such as information made available in the course of marital relationships.

Professional secrecy

Professionals are not allowed to share secret information narrated by patient’s own health problems. This applies to all, even family members. This is called the duty of professional secrecy. There are exceptions to this rule.

‘Privileged Communication’

 Interaction between two parties in which the law recognizes a private, protected relationship. Whatever is communicated between these pairs of parties shall remain confidential. The privilege may cover the situation where a patient confesses to a psychiatrist that he or she committed a particular crime years ago and was not caught by police need not be informed to police / court suo moto. The rationale behind the rule is that a level of trust must exist between a physician and the patient so that the physician can properly treat the patient. If the patient were fearful of telling the truth to the physician because he or she believed the physician would report such behavior to the authorities, the treatment process could be rendered far more difficult, or the physician could make an incorrect diagnosis.

Similarly patient came to a doctor with a sexually transmitted disease. The doctor is usually required to obtain a list of the patient’s sexual contacts to inform them that they need treatment. This is an important health concern. However, the patient may be reluctant to divulge the names of his/her older sexual partners, for fear that they will be charged with statutory rape. This is a grey area of catch 22 situation between legal, moral and medical duty.

‘Patient Privacy’

The term ‘Privacy’ is used in the context of the foundation of the fiduciary relationship between a doctor and a patient. This fiduciary relationship emanates from a reasonable expectation of mutual trust between the doctor and his patients and is established through the Indian Medical Council Act of 1956, specifically section 20(A) of the Act which lays down the code of ethics 2002 which a doctor must adhere to at all times. Privacy within the healthcare sector includes a number of aspects including but not limited to informational privacy (e.g., confidentiality, anonymity, secrecy and data security); physical privacy (e.g., modesty and bodily integrity); associational privacy (e.g. intimate sharing of death, illness and recovery); proprietary privacy (e.g., self-ownership and control over personal identifiers, genetic data, and body tissues); and decisional privacy (e.g., autonomy and choice in medical decision-making).

Legal reason for requirement of professional secrecy, privileged communication, patient privacy and confidentiality?

Article 21 of the Constitution of India, 1950 provides that, “No person shall be deprived of his life or personal liberty except according to procedure established by law.” Disclosure of professional secrecy, privileged communication, confidentiality information may result in harassment, defamation of patient and curtail enjoying his life or personal liberty. A suit for damages for libel, innuendo defamation for reveling secrecy causing harassment and defamation may be brought against doctor.

No confidentiality for information available in public domain

No injunction will be granted in case the information that is ‘disclosed’ is already freely available in the public sphere e.g. if a statement is made in a courtroom the information is deemed to be in the public sphere, but if the same statement is made in camera its disclosure would be a breach of confidence.

The medical perspective

Medical practitioners have long been taught that what they learn about their patients should never be disclosed to another person. Indeed, it is on this understanding that the patient places full confidence in the doctor, telling him personal matters which he may not tell others. This is a prerequisite for correct diagnosis and proper treatment. It is also the basis of the doctor-patient relationship.

Exceptions to privacy rule:

1. Court order:

  1. So the doctor cannot refuse to give information in a court of law on the ground of confidentiality of information. The protection afforded under Sections 126 to 129 of the Indian Evidence Act, 1872 which deals with privileged that is attached to professional communication cannot be availed of against a court order to produce documents under Section 91[3] of the Code of Criminal Procedure. The document must be produced, and then, under Section 162[4] of this Act, it will be for the Court, after inspection of the documents, if it deems fit, to consider and decide any objection regarding confidentiality, secrecy or privileged communication.
  2. workmen’s compensation cases,
  3. consumer protection cases,
  4. income tax authorities,

2. Statutory disclosure:

A notifiable disease is any disease that is required by law to be reported to government authorities.

  1.  Epidemic Diseases Act, 1897
  2. disease registration,
  3. communicable disease investigations,
  4. vaccination studies,
  5. drug adverse event reporting
  6. Disclosure of abortion to medical officer: Medical practitioners are only allowed to disclose information of those who have terminated a pregnancy Medical Termination of Pregnancy Act, 1971 to the Chief Medical Officer of the State. Otherwise, the Act prohibits the disclosure of matters relating to treatment for termination of pregnancy.

3. Children and adolescent patient

Doctor may have to trickily disclose with oral or implied permission of children and adolescent patient to parents since then young patients may be protected in matters related to suicidal thoughts and risky sexual behavior and similar situations.

4. during referral:

Referral to higher and better centers requires disclosure of confidential secret information for continuity of treatment

4. Disclosure for public good:

Example: The driver of a public transport vehicle who has developed early cataract in both eyes, impairing his vision must be disclosed for preventing accident or people at large. Often overruled prima facie when faced with situations or instances that involve a larger interest of a greater number of people. This policy is in keeping with India’s policy goals as a social welfare state to aid in the effectuation of its utilitarian ideals. This does not allow individual interest to at any point surpass the interest of the masses.

5. Moral obligation: It is not only legal provisions that come in the way of maintaining confidentiality of information between patient and doctor. The doctor’s moral obligation to act in the larger interests of society also places him/her in a dilemma. The college lecturer with infectious tuberculosis refuse to go off duty, their doctors have a moral duty to inform their employers.

6. Information about health problem is protected not other communications.

Only the information that involves the relationship between the professional and the patient is protected. This means only the information shared with professionals as part of their job is covered. So, if patient tells stories about your children, this is not covered by professional secrecy. Information about health problem is protected.

6. Patient sues a doctor

If a patient sues a doctor, then professional secrecy no longer applies; the information that was once protected can now be revealed. Think about a case in which a patient sues a surgeon because of a medical mistake. In this situation, the surgeon has to build a defense and is allowed to reveal information about the patient to the judge.

Disclosure of secret information requires consent of patient under

  1. Mental Health Act, 1987
  2. Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994
  3. Medical Termination of Pregnancy Act, 1971
  4. Ethical Guidelines for Biomedical Research on Human Subjects
  5. Insurance Regulatory and Development Authority (Third Party Administrators) Health Services Regulations, 2001
  6. IDRA Guidelines on Outsourcing of Activities by Insurance Companies

Breach Of Confidence of Patients

Mr. X versus Hospital Z, Supreme Court of India in Mr. ‘X’ vs Hospital ‘Z’ on 21 September, 1998, Bench: S. Saghir Ahmad, B.N. Kirpal. Appeal (civil)  4641 of 1998 , In this case the appellant  doctor [who donated blood for a patient ] was going to marry a certain Ms. Y but the marriage was called off on the grounds of a blood test conducted at a certain hospital Y (Apollo hospital, Madras) which purported that appellant  was HIV+ ve.  Itokhu Yepthomi was posted for surgery of aortic aneurysm on May 31, 1995 which, however, was cancelled due to shortage of blood. On June 1, 1995 the appellant and one Yehozhe who was the driver of Itokhu Yepthomi were asked to donate blood. The appellant then approached the National Consumer Disputes Redressal Commission for damages against Y (Apollo hospital, Madras), on the ground that the information which was required to be kept secret and confidential under medical ethics was disclosed illegally and, therefore, the defendants were liable to pay damages. The counsel for the plaintiff had contended that the principle of ‘duty of care’, as applicable to persons in the medical profession, includes the duty to maintain confidentiality and since this duty was violated by the respondents, they are liable in damages to the appellant. The right to confidentiality, if any, vested in the plaintiff was not enforceable in that situation. As the right to confidentiality in India is because of the right to privacy under Article 21 and the cases of Kharak Singh versus State of U.P and Govind versus State of M.P. the court held that like all other rights this right is not absolute and subject to reasonable restrictions. The court held that if the marriage had proceeded in due course, then Ms. Y would surely have been infected with the deadly disease AIDS and then her ‘right to life’ that is, the right to lead a healthy life would be violated. Thus in the interest of public morality the court decided that the appeal of the plaintiff is without merit.

Doctor patient confidentiality

Doctor patient confidentiality is held to be one of the sacrosanct rights according to the Hippocratic Oath and it is codified in India in the form of the Code of Medical Ethics by the Indian Medical Council under the Indian Medical Council Act, 1956. This bases itself on the International Code of Medical Ethics. That right is that a doctor can not divulge details of the patients being treated by him even after his death except in a court of law. According to the researchers this right is extremely important as it gives legal remedy to people wronged by medical practitioners who have violated such an important right. In India the most important case is X versus Hospital Z as it showcases an exception to action against breach of confidentiality.

Compromising confidentiality

Like consent, the principle of confidentiality is sacrosanct in legal and human rights discourse. It should be sacrosanct in any sensible public health strategy too. Again, it is HIV/AIDS that has highlighted the importance of maintaining confidentiality in order for stigma and discrimination to be tackled, and for the effective control of the epidemic. Not only have privacy and confidentiality been recognized as key human rights, but their maintenance is a key component of an effective public health system. After all, would anyone access the services of a physician if it was known that the information shared in the visit would be divulged outside the doctor-patient relationship? If people stopped accessing physicians how would society be able to grapple with health crises that had disappeared underground? It has, therefore, been established that confidentiality is crucial in any effective public health system. However, the IMC Regulations, 2002, fall short of protecting confidentiality in a precise and satisfactory manner.

Confidentiality and maintenance of medical records

In dealing with issues such as the maintenance of medical records, surely the patient should be guaranteed confidentiality. However, the regulations fail in providing this. On the contrary, without any controls being prescribed to maintain patient confidentiality, the regulations provide that medical records shall be issued if any request for them is made ‘…by the patients/ authorized attendant or legal authorities involved…’. This means that those other than the patient concerned could have access to information that should be private between doctor and patient, without any clarity on the grounds under which such information can be shared. Disclosure of records  to insurance companies and TPA require written consent of patient party.

Lose ends with respect to confidentiality in ethics 2002

The regulations even provide that a physician should ‘…ensure himself that the patient, his relatives or his responsible friends have such knowledge of the patient’s condition as will serve the best interests of the patient and the family.’ This predicates that a physician actually has a right to breach confidentiality to a wide spectrum of people and clearly without consulting the party most concerned and whose right is at stake – namely, the patient. Surely this goes against all norms of medical practice as reflected in law and ethics.

The regulations then provide specific grounds under which a physician can disclose ‘the secrets of a patient that have been learnt in the exercise of his/her profession…’. These include disclosure under orders of a court of law, in cases of a notifiable disease and ‘in circumstances where there is a serious and identified risk to a specific person and/or community’. This appears to be an attempt by the MCI to factor in the ratio of a leading judgement on medical confidentiality – Tarasoff v Regents of the University of California (17 Cal 3d 425) which was cited in the Indian Supreme Court’s judgment in Mr. X v Hospital Z (1998) 8 SCC 296 (wherein the Supreme Court of India suspended the right of HIV-positive people to marry).

Unfortunately the IMC appears to have got the framework laid down by the American court a little wrong. The court in the case of Tarasoff sought to delicately balance the need to maintain confidentiality against the need for disclosure in very specific circumstances. Essentially it said that if a physician found that an identifiable third party was foreseeably endangered due to the conduct of the patient then the physician had a duty to warn the third party. Clearly then, disclosure has to be to a specific third party and cannot be made generally. The regulations, however, conveniently permit the physician to violate confidentiality in cases of risk to a community, thereby permitting public disclosure. It is hard to imagine the citizenry accessing the services of a health care professional who follows the framework set out in the regulations.

Confidentiality and Medical Publications:

1. Publication of case reports with patients consent is permitted.

2. Publication of photographs of patient with identity blurred can be used without permission.

3. Publication of data of patients with codified identity data can be used without permission where retrieval or decoding is not in public domain and kept secret or destroyed before publication.

4. Audio video shooting needs consent and publication of it on you tube or in conference.

Conclusion

Breach of confidentiality is a tort in India. After examination of various case laws relating to confidentiality it was found that the tort has emerged from the right to privacy enshrined in our constitution in Article 21 which talks about the right to life. It is the dynamism of the judicial system of India which has recognized the relevance of the tort concerned and encompassed many liberties given to the people in a constitutional article which just talks about the right to life and personal liberty. Tort law’s main function is to compensate a party which has suffered damage.

There is a social need for this right to confidentiality in the case of doctor and patients. Right of confidentiality would guard the right of privacy of all patients. Mostly, the court recognizes that there exists a case of breach of confidentiality in normal conditions. Under cases of public morality or public interest the right to confidentiality is often revoked like in Mr. X v Hospital Z. Since Indian courts accept both the concept of breach of privacy as well as breach of confidentiality, one should not try to figure out if a particular circumstance is more appropriate for the one over the other, but actually use both principles to supplement one another for achieving the same objective. For example in situations where the conditions required for the application of the law of confidentiality do not exist such as disclosure of personal information by a person who did not receive it in a confidential capacity, one could apply the principle of privacy to prevent such information being disclosed or claim a remedy after disclosure. On the other hand if the information to be disclosed is not of a personal nature then one could try to utilize the law of confidentiality to prevent disclosure or claim damages. The Roman Law principle ‘Salus Populi est Suprema’ (regard for the public health (welfare) is the highest law) -must apply.

Recent Stories

Association Certificate

IMA NANDED
IMA RANCHI
IMA, Bettiah (Bihar)
IMA, Chalisgaon
IMA, Daltanganj (Bihar)
IMA GAYA
IMA PUNE
IMA, Bhagalpur (Bihar)
IMA, Bhatinda 2018
IMA, Bhatinda 2019
IMA, Faridabad
IMA, Karnal
IMA, Kishanganj (Bihar)
IMA, Malout
Indian Society of Blood Transfusion & Immunoheamatology, Punjab
Jammu Doctors Forum
IMA BHUBNESHWAR_1
IMA JHARKHAND_1
IMA Wai_1
CARDICON, Darbhanga Conference_1
IDA, Hazararibagh_1
IMA allahabad__1
IMA ARA_1
IMA Basmat_1
IMA BHATINDA_1
IMA BHATINDA_2
IMA BIHAR_1
IMA DHANBAD_1
IMA DHANBAD_2
IMA GAZIABAD_1
IMA GORAKHPUR_1
IMA HISAR_1
IMA NASHIK_1
IMA NATIONAL_1
IMA NAWASAHAR_1
IMA PUNE_1
IMA PUNJAB_1
IMA PUNJAB_2
IMA UP_1
IMA, Calcutta_1
IMA, Darbhanga (Bihar)_1
IMA, Dhanbad Conference_1
IMA, Garhwa_1
IMA, Haridwar_1
IMA, Haridwar_2
IMA, Mau_1
IMA, Mau_2
IMA, Moga_1
IMA, Punjab_1
IMA, Purnea (Bihar)_1
IMA, Ranchi_1
IMA, Rourkela_1
IMA, West Champaran (Bihar)_1
JASICON 2022 CERTIFICATE_1

AICL  is a company formed under the Indian Companies Act 1956 as a Limited Company. The company is proud to be backed by the professionals having a strong financial hold.

Facebook Twitter Youtube

Quick Links

Useful Links

Useful Links

  • marketing@aiclindia.com
  • +91-9136036071
  • 54, Vinobapuri, Lajpat Nagar 2, New Delhi, 110024.

Copyright © 2025 APEX Risk Management. All rights reserved.

Made with ❤️️ at upptick.com

Scroll to Top