Search tips
Search criteria 


Logo of bmjThis ArticleThe BMJ
BMJ. 2007 December 15; 335(7632): 1226.
PMCID: PMC2137090
Use of Patients' Data

GMC guidance on confidentiality

John G Jenkins, chair, GMC Standards and Ethics Committee

In the news article by Dyer, Professor Charles Warlow reports that confidentiality guidelines from the GMC (and NHS) are much more stringent than required by law.1

The article, if not Professor Warlow, implies that the Data Protection Act (DPA) is the only legal protection for patient’s confidential information and that, because the act does not necessarily require consent for the use of health information in medical research, any additional requirement to seek consent is unnecessary and harmful to research.

In fact, the act requires compliance with the common law of confidentiality and other relevant statutory restrictions on the use of patients’ information. The GMC’s guidance on confidentiality is very much based on, and is consistent with, the common law.

The comments of Mr Philip Havers QC provide a succinct and helpful reminder of the basic common law requirements, and the GMC’s guidance on confidentiality. That is that disclosure of identifiable information without consent may be justified if: it is impracticable to obtain consent; identifiable information is necessary for the purpose; disclosures are kept to the minimum necessary, and; it serves a demonstrably strong public interest.


Competing interests: None declared.


1. Dyer C. Stringent constraints on use of patients’ data are harming research. BMJ 2007;335:1114-5. (1 December.) doi:10.1136/bmj.39412.352558.DB

Articles from The BMJ are provided here courtesy of BMJ Publishing Group