|Home | About | Journals | Submit | Contact Us | Français|
In the news article by Dyer, Professor Charles Warlow reports that confidentiality guidelines from the GMC (and NHS) are much more stringent than required by law.1
The article, if not Professor Warlow, implies that the Data Protection Act (DPA) is the only legal protection for patient’s confidential information and that, because the act does not necessarily require consent for the use of health information in medical research, any additional requirement to seek consent is unnecessary and harmful to research.
In fact, the act requires compliance with the common law of confidentiality and other relevant statutory restrictions on the use of patients’ information. The GMC’s guidance on confidentiality is very much based on, and is consistent with, the common law.
The comments of Mr Philip Havers QC provide a succinct and helpful reminder of the basic common law requirements, and the GMC’s guidance on confidentiality. That is that disclosure of identifiable information without consent may be justified if: it is impracticable to obtain consent; identifiable information is necessary for the purpose; disclosures are kept to the minimum necessary, and; it serves a demonstrably strong public interest.
Competing interests: None declared.