Physicians have always had a duty to keep their patients' confidences. In essence, the physician's duty to maintain confidentiality means that a physician may not disclose any medical information revealed by a patient or discovered by a physician in connection with the treatment of a patient. In general, AMA's Code of Medical Ethics states that the information disclosed to a physician during the course of the patient-physician relationship is confidential to the utmost degree. As explained by the AMA's Council on Ethical and Judicial Affairs, the purpose of a physician's ethical duty to maintain patient confidentiality is to allow the patient to feel free to make a full and frank disclosure of information to the physician with the knowledge that the physician will protect the confidential nature of the information disclosed. Full disclosure enables the physician to diagnose conditions properly and to treat the patient appropriately. In return for the patient's honesty, the physician generally should not reveal confidential communications or information without the patient's express consent unless required to disclose the information by law. There are exceptions to the rule, such as where a patient threatens bodily harm to himself or herself or to another person(Burkemper, 2002).
The AMA's ethical guidelines are not binding by law, although courts have used ethical obligations as the basis for imposing legal obligations. Moreover, maintaining patient confidentiality is a legal duty as well as an ethical duty. A physician's legal obligations are defined by the US Constitution, by federal and state laws and regulations, and by the courts. Even without applying ethical standards, courts generally allow a cause of action for a breach of confidentiality against a treating physician who divulges confidential medical information without proper authorization from the patient.
Despite these ethical and legal obligations, access to confidential patient information has become more prevalent. Electronic health information systems allow increased access and tranmission to health data. Physicians in integrated delivery systems or networks now have access to the confidential information of all the patients within their system or network. Confidential information also is disseminated through clinical repositories and shared databases. Sharing this information allows patients to be treated more efficiently and safely. The challenge for physicians is to utilize this technology, while honoring and respecting patient confidentiality.
Breach Of Confidentiality
A breach of confidentiality is a disclosure to a third party, without patient consent or court order, of private information that the physician has learned within the patient-physician relationship. Disclosure can be oral or written, by telephone or fax, or electronically, for example, via e-mail or health information networks. The medium is irrelevant, although special security requirements may apply to the electronic transfer of information.
The legal basis for imposing liability for a breach of confidentiality is more extensive than ethical guidelines, which dictate the morally right thing to do. Although current law in this area has been referred to as "a crazy quilt of state and federal law," protecting patients' confidentiality is the law of the ...