Nuffield Council of Bioethics, 1993 Genetic Screening: Ethical Issues Report.
2015 EWHC 1394 (QB).
H Shapley, A Treasury of Science (Angus
& Robertson, London 1954) 510.
World Medical Association, Declaration of
Geneva (adopted September 1948)
accessed 02 January 2018.
A H. Ferguson, ‘The Evolution of Confidentiality in the
United Kingdom and the West’ (2012) 14(9) Virtual Mentor 738.
J McHale and M Fox, Health
Care Law (2nd edn, Sweet & Maxwell 2007) 565.
10 General Medical Council, Confidentiality: good practice in handling
patient information (2017).
Nuffield Council on Bioethics, The
collection, linking and use of data in biomedical research and healthcare:
ethical issues (2015), para 4.49.
GMC (n 10) 37.
M Taylor, Genetic Data and the Law: A
Critical Perspective on Privacy Protection (Cambridge, 2012) 7.
S Pattinson, Medical
Law and Ethics (3rd edn, Sweet and Maxwell 2011) 203.
C Jones, ‘The utilitarian argument for medical
confidentiality: a pilot study of patients’ views’ (2003) 29 J Med Ethics 348.
Pattinson (n 15) 202.
GMC (n 10).
G Laurie, Genetic
Privacy: A Challenge to Medico-Legal Norms (CUP, 2002) 232.
J Mandal, DK Ponnambath and SC Parija, ‘Utilitarian and
deontological ethics in medicine’ (2016) 6(1) Trop Parasitol 5.
Pattinson (n 15) 202.
2004 UKHL 22.
Council of Europe, Convention for the Protection of
Human Rights and Fundamental Freedoms (European Convention on Human Rights, as
Amended) (ECHR) art 8, 1950.
Human Rights Act 1998.
Campbell (n 26) 11.
2014 EWHC 13 (QB).
2014 EWCA Civ 1277.
K Horsey and E Rackley, Tort Law (5th edn, OUP 2017) 450.
McHale and Fox (n 9) 572.
2003 EWHC 1670 (QB).
2001 68 BMR 62.
The Times, May
GMC (n 10).
1988 UKHL 6.
GMC (n 10) 32-36.
1990 1 ALL ER 835 (CA).
131 Cal Rptr 14 (Cal 1976) (SC).
2003 4 All E.R. 969.
National Health Service Venereal Disease Regulations 1974, SI 1968/1624.
Human Fertilisation and Embryology Act 2008, s25.
Abortion Regulations 1991, SI 1991/499.
Data Protection Act 1998.
Health and Social Care Act 2001, s.60.
Health Service (Control of Patient Information)
Regulations 2002, SI 2002/1438.
P Case, ‘Confidence Matters: the Rise and Fall of
Informational Autonomy in Medical Law’ (2003) Medical Law Review 208, 231.
ABC (n 3) 31.
ABC v St George’s Healthcare NHS Trust
and Others 2017 EWCA Civ 336.
Although patient confidentiality is central to the trust between doctor
and patient, it is far from absolute: the caselaw discussed addresses the
balance of competing interests for lawful breach of confidentiality. Likewise,
professional ethical guidance and some legislation permits a breach of
confidentiality where it can be outweighed by a legitimate interest. Furthermore, the GMC’s guidance requires doctors
to balance disclosure of information to the patient’s relatives against their duty
to preserve confidence; however, there is no legal duty to do so. This was at
issue in ABC, where in the HC Nicol J
struck out the claim on the basis that there was ‘no reasonably arguable DOC’.55
However, the CA remitted the case for trial, stating that such imposition of a DOC
there is legislation which permits disclosure of information considered confidential.
Section 60 of the Health and Social Care Act 200151
and the Health Service (Control of Patient Information) Regulations 200252 arguably
undermine the equitable remedy of breach of confidence. Case maintains that the
2001 Act ’empowers the Secretary of State to make broadly two types of
regulations which enable bypassing of the general rule requiring consent to the
disclosure of patient information’.53 Moreover,
the 2002 Regulations ‘authorises the procurement of otherwise confidential
patient information’.54 This
legislation highlights the non-absolute nature of confidentiality, and that
there are exceptions which mandate disclosure without legal penalty.
Legislation in English law
both mandates patient confidentiality and requires a breach of confidence in
exceptional circumstances. The mandating legislation enshrines the duty of
confidentiality recognised in English common law. There is no specific
statutory protection afforded to medical information in English law (Wainwright v Home
Office);46 however, there are statutory
provisions which protect sensitive areas of healthcare. The National Health
Service Venereal Disease Regulations 1974/29,47 section
25 (33A) of the Human Fertilisation and Embryology Act 200848
and the Abortion Regulations 1991/49949
are examples of statutory provisions protecting the disclosure of medical
information. Furthermore, the Data Protection Act 1998 regulates the processing
of personal data about living individuals by setting out the responsibilities
of data controllers and individual rights.50
The duty of confidentiality is not absolute, as recognised by the GMC’s guidance,41
legislation and the caselaw. The leading case Attorney General v Observer Ltd and Others held
that a duty of confidence precludes disclosure of information to others unless confidentiality
is outweighed by a countervailing public interest.42 Thus,
recognising that confidence may not always prevail where other legitimate
interests are engaged. However, whilst a doctor can breach their duty of
confidence, it is unsettled as to whether they will be held liable for failing
to do so. The GMC sets out a further exception, where disclosure is necessary
to protect another individual’s welfare.43
Both the United States and UK courts have recognised this exception to the duty
of confidence: W v Egdell held that a
breach was justified in the public interest, to protect the public from
dangerous criminal acts.44
In Tarasoff v Regents of the University
of California, the Supreme Court (SC) imposed a duty on a doctor to
disclose information to third parties who may suffer foreseeable harm.45
Although Egdell recognised a breach
in the public interest, it appears unlikely that the Tarasoff duty would be recognised by the English courts.
2.4.2 Exceptions Recognised in Law
If the test is satisfied, there is a potential civil claim for an injunction to prevent
publication of the information or an action for damages. There are alternative
grounds for legal proceedings: actions may be brought in contract and
negligence.37 In Archer v Williams, an injunction was granted in relation
to information disclosed in breach of an employment contract.38
In Cornelius v
Taranto, the Claimant brought
a civil claim in negligence and damages were awarded on the basis that the
Defendant breached confidence by revealing medical information without consent.39 There
is no clear authority on this point in English law, although such action is
analogous to an action for breach of disclosure of a police informers identity
in Swinney v
Chief Constable of the Northumbria Police.40
These alternative proceedings are rare: today it is generally recognised
that the doctor-patient relationship is a relationship category protected by
the equitable remedy of breach of confidence.
Since Campbell, the existence
of a misuse of private information tort was confirmed by the HC in Vidal-Hall and Others v Google Inc.32 Tugendhat J cited
Lord Nicholls in Douglas and Others v
Hello! Ltd and Others: ‘breach of confidence, or misuse of confidential
information, now covers two distinct causes of action, protecting two different
interests: privacy, and secret (“confidential”) information’, leading him to
conclude that a distinct ‘tort of misuse of private information’ exists.33
This was upheld by the CA in Vidal-Hall.34 In OPO
v MLA, it was considered a tort by the CA.35 A
new two-stage test has been used to determine whether a breach of confidence or
‘misuse of private information’ has occurred since Campbell: (1) Did the claimant have a ‘reasonable expectation of
privacy’ with regard to the information? If so, (2) Does the claimant’s
interest in maintaining their right to privacy outweigh the defendant’s
interest in freedom of expression?36
Their Lordships clarified the relationship between breach of confidence
and privacy. Lord Nicholls maintained that ‘there is no over-arching,
all-embracing cause of action for “invasion of privacy”‘.29 He
acknowledged that the HRA prompted developments in the law of confidence and
that because the duty of confidence now arose where ‘…a person receives information he knows or ought to
know is fairly and reasonably to be regarded as confidential’ this had
created a tort of ‘misuse of private information’.30 He acknowledged that ‘the values in Articles
8 and 10 are now part of the cause of action for breach of confidence’ in light
of the HRA plus European Court of Human Rights (ECtHR) jurisprudence.31
Thus, future cases would need to concentrate on confidential information and
the balance of the claimant’s Article 8 and the defendant’s Article 10 rights.
confidentiality is not absolute, English law adopts a strong presumption in
favour of confidentiality. This duty is governed by legal principles in equity,
and is based on a relationship of trust between doctor and patient. Disclosure
of information outside the legitimate exceptions thus gives rise to an
equitable claim for a breach of confidence. This has developed through the
caselaw to protect privacy interests. In the years preceding the leading case Campbell v MGN Limited,26 actions for breach of confidence for
unauthorised publication of personal information increased. In Campbell, an action for damages was brought regarding publication
of an article in the Daily Mirror alleging
Campbell’s treatment for drug addiction. She argued that this constituted a
breach of confidence, leading the House of Lords to confirm that Article
8 of the European Convention on Human Rights (ECHR)27
underpins domestic law protection of the confidentiality of medical
information. This is given effect by the Human Rights Act 1998 (HRA).28
Law of Equity
2.4 English Law on Patient Confidentiality
Mandal et. al note ‘deontology is ethics of duty where the morality of an
action depends on the nature of the action’.22 Advocates
advance that confidentiality should be upheld, because the patient’s right to
privacy is at stake.23
Deontological ethics therefore strengthens the doctor-patient bond underpinning
patient confidentiality. Whilst utilitarianism is not concerned with
fundamental human rights, deontological ethics is receptive to these: the
individual’s interests cannot be aggregated where the moral need to protect
information should be overridden in favour of other moral interests.24 Pattinson
notes deontological-based theories ‘will only allow a patient’s right to have
medical information kept private and confidential to be outweighed by another’s
more important individual right’.25 Disclosure
of risk of harm to a relative is thus outweighed by the patient’s right to confidentiality.
However, this viewpoint is challenging considering the non-absolute nature of
confidentiality. Not only is this reflected in the professional ethical
guidance, but also in the relevant caselaw and statutory provisions.
Utilitarianism is the belief that actions are morally correct if they
maximise the majority’s benefit. Jones comments: ‘the utilitarian justification
for maintaining medical confidentiality rests ultimately on a calculation of
the effects of confidentiality or disclosure on the behaviour of current and
potential future patients’.16 In
the medical context, confidentiality should thus be maintained if it upholds
patient welfare; however, Pattinson argues that ‘act-utilitarian reasoning may
favour a breach of confidence to prevent the harm or death of a patient’s relative’.17 The
GMC requires doctors to balance their duty toward their patient against
preventing harm to others,18 placing
an emphasis on the maximisation of utility. Contrarily, Laurie notes that whether
utility is maximised turns on whether disclosure prevents harm.19
He states ‘it would be foolhardy not to inform relatives of a highly predictive
predisposition to such a condition, especially if pre-emptive treatment could
prevent the onset of disease’.20
He questions what harm will be avoided through disclosure – if the risk is to
lifestyle rather than life, the public interest argument is weakened.21 The
utility argument’s strength thus depends on the harm to be avoided through
The debate over whether a breach of confidence is justified in the
clinical genetics context requires considerations of the ethical justifications
for maintaining confidence. There are moral theories which claim to underpin
the obligation, with each attaching different weight to legitimate interests
which may override confidentiality. Pattinson thus argues that ‘interpreting
English law by reference to a coherent underlying ethical framework… presents a
challenge. What is clear is that it adopts a strong presumption in favour of
confidentiality with exceptions involving a balancing exercise.’15
2.3 The Ethical Debate
An obligation to
uphold confidentiality has long been included in the ethical codes of healthcare
which enshrine the moral code of the Oath. The General Medical Council (GMC) provides
guidance which sets out confidentiality
principles that all doctors must follow.10
Failure to respect these principles will be a serious matter, exposing the
doctor to potential professional penalties.11
However, there are exceptions provided by the GMC’s guidance: disclosures
with consent, disclosures required by law, and disclosures in the public
In such circumstances, breaches are lawful and doctors will not be exposed to
professional penalties. The non-absolute nature of confidentiality thus
involves a balancing test between public interests: the GMC states that doctors
are required ‘to balance their duty to make the care of their patient
their first concern against their duty to help protect the other person
from serious harm’.13 This is at issue in the
context of clinical genetics. Taylor comments: ‘personal data… tends to assume
that there will be a single identifiable individual to whom personal data will ‘relate”.14 The shared nature of DNA thus
raises the debate of whether this warrants a breach of confidence to disclose
information to the patient’s relatives.
2.2 Professional Ethical Guidance
confidentiality has historical roots, beginning with the Hippocratic Oath which
placed an absolute duty on doctors to maintain patient confidentiality: ‘And
whatsoever I shall see or hear in the course of my profession, as well as
outside my profession in my intercourse with men, if it be what should not be
published abroad, I will never divulge, holding such things to be holy
secrets’.4 The Declaration of Geneva
imposes the same duty on doctors, requiring them to ‘respect the secrets that
are confided in them, even after the patient has died.’5 The notion of
confidentiality thus encourages trust in the doctor-patient relationship:
patients are likely to disclose their symptoms, which facilitates diagnosis and
treatment of illness. Ferguson notes that it is thus ‘…an integral element of
the patient-doctor relationship, playing a vital role in the primary healing
purpose of the profession.’6 He states that although the
Oath recognises the importance of medical confidentiality, the qualification
that confidentiality covered those things that ought ‘not be published abroad’
suggests that the obligation of confidentiality was not considered absolute.7 These exceptions developed
in modern codes of conduct.8
2.1 The Nature of Patient Confidentiality
Section two examines the nature
of patient confidentiality, its regulation by professional ethical guidance, the
ethical debates surrounding this and the law in this area. Section three
examines the High Court (HC) and CA judgments in the ABC case. Finally, section four presents policy arguments against
extending the DOC raised in ABC, critiques
them and sets out further arguments for imposing such DOC on doctors.
Although the debate is long-established,
it must be revisited considering ABC v St George’s Healthcare NHS Trust and
Others3 (ABC), which reignited the discussion
when it came before the courts in May 2015. It was the first case
in English law to consider whether the doctor’s duty should extend to warning the
patient’s relatives. The Claimant alleged that, because of her pregnancy, the Defendants
owed her a DOC to inform her of her father’s Huntington’s Disease (HD)
diagnosis. Nicol J addressed policy concerns against extending the DOC before
striking out the claim for trial as it would not be ‘fair, just and reasonable’
to impose such duty. In March 2017, the Court of Appeal (CA) quashed the Order
striking out the claim. The remittal for trial indicates that patient
confidentiality may not prevail against legitimate interests of at-risk relatives.
Following consideration of an extension to the DOC in ABC, this dissertation
examines the implications of imposing a duty on doctors to warn the patient’s
relatives and argues for adoption of such a DOC. This duty is limited to
situations where the doctor acquires critical medical information about the
patient’s relative, thus where disclosure could mitigate serious harm or death.
Traditionally, English law on
the duty of care (DOC) owed by doctors has assumed that there are two parties
to the relationship: the doctor and the patient. This is underpinned by patient
confidentiality, the moral basis of which is to instil trust in the public that
they have control over their medical records and to encourage willingness to
seek healthcare. Yet as genetic testing gained prominence in secondary care, so
did the debate over whether a doctor should owe a DOC to disclose a genetic
risk to a patient’s relative. This has troubled doctors and legal scholars for
decades. In 1993, the Nuffield Council on Bioethics reported on the ethical
dilemmas surrounding genetic screening.1 The Council acknowledged that the tension
between the preservation of confidentiality and disclosure increases in the
clinical genetics context,2 because extending a doctor’s DOC to include
the patient’s relatives impinges upon patient confidentiality. This intrusion
of genetic medicine into the moral basis of the doctor-patient relationship
raises questions which have been debated in the literature.