
In the UK, confidentiality is a legal obligation that arises under common law and data protection legislation. It requires that information shared in confidence must not be disclosed without legal authority or explicit consent. This duty of confidentiality applies to various sectors, including healthcare, law, and social care. The obligation extends beyond merely refraining from communicating confidential information to third parties; it also entails a responsibility to not misuse the information without the consent of the individual. Confidentiality obligations can be complex and may be overridden in certain circumstances, such as when disclosure is in the public interest or required by a court order.
| Characteristics | Values |
|---|---|
| Legal basis | Common law, statutory law, data protection legislation, Human Rights Act, Data Protection Act |
| Applicability | Applies to all persons, regardless of age, mental health or capacity |
| Scope | Information shared in confidence must not be disclosed without legal authority or justification |
| Consent | Explicit or implicit consent from the individual is required for disclosure |
| Public interest | Disclosure may be permitted if it is in the overriding public interest |
| Safeguarding | Disclosure may be permitted if it is necessary to safeguard an individual or others |
| Professional responsibility | Health and care professionals have a professional and legal responsibility to protect confidentiality |
| Legal action | Breach of confidentiality may result in legal action against the organisation and the individual responsible |
| Documentation | Decisions to disclose information should be fully documented and legal advice sought |
| Confidentiality after death | Confidentiality obligations continue to apply after the death of an individual |
Explore related products
$50.39 $62.99
What You'll Learn

Common law duty of confidentiality
Confidentiality in UK law is a complex area and is not codified in an Act of Parliament but is built on case law through individual judgments. The common law duty of confidentiality means that when someone shares personal information in confidence, it must not be disclosed without some form of legal authority or justification.
Common law confidentiality is based on precedent and is applied by reference to previous cases. This means that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot be disclosed without the consent of the person who provided it. This includes all patient/client information, whether held on paper, digitally, audio or video recorded, or held in the memory of a professional. The duty of confidentiality applies regardless of the age or mental health status of the patient/client.
There are three circumstances in which the disclosure of confidential information is considered lawful: when the individual to whom the information relates has consented; when disclosure is necessary to safeguard the individual, or others, or is in the public interest; and when there is a statutory basis or legal duty to disclose. An example of the latter is the Health and Social Care Act (HSCA) 2012, which enables the HSCIC to collect information from health and social care organisations.
The common law duty of confidentiality also applies to deceased patients' records.
UK Shoppers: Mask Mandate or Recommendation?
You may want to see also
Explore related products

Consent and confidentiality
Confidentiality in UK law is a complex area, based on common law (case law) rather than statutory law. This means that the legal obligation for confidentiality is subject to change as case law evolves.
There are two types of consent in the context of confidentiality: express consent and implied consent. Express consent is when specific permission is given for something to happen, and it can be given verbally or in writing. Implied consent is less clear-cut and may be inferred from the circumstances or the nature of the relationship between the parties involved. For consent to be legally valid, the individual must be informed, have the capacity to make the decision, and give consent voluntarily.
In the healthcare sector, valid consent requires that service users are given enough information to understand how their data will be used and shared, and the implications of their decision. This is particularly important when refusing consent for information sharing, as this may impact their care or treatment.
There are circumstances in which confidential information can be disclosed without consent. These include when disclosure is necessary to protect the individual or others, when it is in the public interest, or when there is a statutory basis or legal duty to disclose. However, solid justification is required before disclosing information, and specialist or legal advice should be sought.
The Data Protection Act and the Human Rights Act provide additional legal frameworks for the processing of confidential information, ensuring compliance and protecting the rights of individuals.
India's Anti-Gay Law: A Dark Chapter in History
You may want to see also
Explore related products

Confidentiality after death
In the UK, the obligation to maintain confidentiality is a legal and ethical requirement that does not end with death. This means that information shared in confidence must not be disclosed without legal authority, valid justification, or consent from the individual or their family.
Common Law Duty of Confidentiality
The Common Law Duty of Confidentiality is a key principle in UK law, derived from case law and based on precedent. It establishes that information shared in confidence should not be disclosed without legal authority, valid justification, or consent from the individual. This duty of confidence arises when information is disclosed in circumstances where it is reasonable to expect confidentiality.
The duty of confidentiality extends beyond an individual's death. The Department of Health and the General Medical Council (GMC) agree on the ethical obligation for confidentiality obligations to continue post-mortem. This includes deceased patients' records, as per the Information Tribunal Appeal Number: EA/2006/0010 of September 17, 2007.
Guidance on Disclosures After Death
The GMC provides guidance on handling patient information and disclosures after death. It is recommended to respect the patient's known wishes, such as using recordings made with their consent for specific purposes like research or training. Anonymous recordings can also be used without consent for research, teaching, or healthcare-related purposes.
In some cases, doctors must disclose relevant information about a deceased patient. The Access to Health Records Act 1990 and the Access to Health Records (Northern Ireland) Order 1993 grant access to health records by a personal representative or anyone with a claim arising from the patient's death. However, doctors should be transparent with patients' relatives, informing them that they may need to disclose information to the patient if it influences their assessment and treatment.
Anonymisation and Consent
It is important to note that once information is effectively anonymised, it is no longer confidential. Consent is generally required for disclosing personal information outside the care team, but it may be overridden in specific circumstances, such as safeguarding interests or public interest. Solid justification and specialist advice are necessary before disclosing information without consent.
Greeting Future Indian In-Laws: A Non-Indian Guide
You may want to see also
Explore related products

Confidentiality and the public interest
Confidentiality is a legal obligation in UK common law, which means it changes as case law evolves. It requires that information shared in confidence must not be disclosed without legal authority or justification, usually in the form of explicit consent from the individual.
However, there are certain circumstances in which confidential information can be disclosed without consent. One such circumstance is when it is in the public interest. This does not refer to the interests of a particular individual but to a benefit to the wider public or society as a whole. For example, in the case of serious crimes such as murder or rape, it is normally justified to share confidential information with the police.
The public interest has also been used as a legal basis for the UK government's use of confidential patient information during the COVID-19 pandemic. In this case, the public health emergency was considered a serious, imminent health threat to the general population, which met a common understanding of the public interest.
In the context of health and social care, a breach of confidentiality can result in a loss of public confidence in the profession, as in the case of an experienced occupational therapist who left confidential information at a client's home.
While the public interest can be a lawful reason to breach confidentiality, it is not a decision to be taken lightly. Solid justification is required, and specialist or legal advice should be sought before disclosing information.
Sources of Commercial Law in India: An Overview
You may want to see also
Explore related products

Confidentiality and data protection
In the context of health and social care, confidentiality holds significant importance. It is generally accepted that information provided by patients or service users to health or social care services is confidential and must be treated as such. This duty persists even after the death of an individual, as per the Department of Health and the General Medical Council's ethical obligations.
However, there are circumstances where disclosure without consent may be deemed lawful. These include situations where disclosure is necessary to safeguard the individual or others, or where it serves the public interest. Nevertheless, solid justification is required, and specialist or legal advice should be sought before disclosing any information.
The Health and Social Care Act (HSCA) of 2012 grants the HSCIC statutory authority to collect information from health and social care organisations. Certain bodies, such as the Care Quality Commission, possess legal authority to obtain confidential information to support their duties.
It is worth noting that confidentiality obligations are not limited to the health and care sectors. Professionals in various fields, including solicitors and their firms, are also bound by regulatory obligations to maintain client confidentiality.
To ensure compliance with data protection legislation, it is essential to understand the rights of subjects in relation to their personal data, the lawful basis for processing data, and the required data retention periods. Organisations should refer to relevant guidance and policies to navigate the complexities of confidentiality and data protection effectively.
Inactive Law License: What Does It Mean?
You may want to see also
Frequently asked questions
Confidentiality in UK law refers to the legal obligation to keep information shared in confidence from being disclosed without legal authority, explicit consent, or justification. This obligation is based on common law, which is derived from case law and creates binding precedents.
Common law duty of confidentiality is a legal obligation that arises when someone discloses information in confidence. It requires that the information not be used or further disclosed without the original understanding of the confider or their subsequent permission. Common law confidentiality can be overridden in certain circumstances, such as in the public interest or by legislation.
There are a few exceptions to the common law duty of confidentiality. Confidential information can be disclosed without consent in certain circumstances, such as when it is necessary to safeguard an individual or others or when there is a statutory basis or legal duty to disclose. Additionally, certain bodies, such as the Care Quality Commission, have legal authority to obtain confidential information.
A breach of confidentiality can result in legal action against both the organisation and the individual responsible for the breach. Health and care professionals have a professional and legal responsibility to respect and protect the confidentiality of their clients or patients at all times.
















![Information Privacy Law [Connected eBook] (Aspen Casebook)](https://m.media-amazon.com/images/I/61uzGXF8G1L._AC_UY218_.jpg)

![Information Privacy Law: [Connected Ebook] (Aspen Casebook)](https://m.media-amazon.com/images/I/61KUKAMt-5L._AC_UY218_.jpg)



![Privacy, Law Enforcement, and National Security [Connected eBook] (Aspen Select Series)](https://m.media-amazon.com/images/I/81p8RTMIT9L._AC_UY218_.jpg)
















