The terms ‘privacy’ and ‘confidentiality’ are often used interchangeably. However, they are related, but not identical, concepts. Privacy refers to the right to control access to oneself, and includes physical privacy, such as having curtains closed during physical examinations.
Privacy may also relate to information about oneself, and information privacy laws regulate the handling of personal information through privacy law and policy .
Confidentiality relates to information only. The legal duty of confidentiality obliges healthcare practitioners to protect their patients against inappropriate disclosure of personal health information.
The code of conduct for medical practitioners in Australia, affirms that patients have a right to ‘expect that doctors and their staff will hold information about them in confidence, unless release of information is required or permitted by law’.
In Australia, the protection of health-related information has attracted special treatment in law, policy and relevant ethical codes and guidelines, partly as a response to the sensitive nature of health information. The health sector sees the highest number of notifiable data breaches of any sector, according to the Office of the Information Commissioner’s Notifiable Data Breaches Report: January to June 2023. For commentary on the issue of HIV-related data breach and related matters see DJ Carter and S Hartridge, ‘Privacy breaches and electronic communication: Lessons for practitioners and researchers’ (2022) 51(7) Australian Journal of General Practice 51, 497–9
It is essential to maintain privacy and confidentiality for the following reasons:
- Maintaining privacy and confidentiality is a legal requirement.
- The Medical Board of Australia defines it as a part of ‘good medical practice’ and so it is relevant to appropriate professional conduct, registration and disciplinary proceedings.
- Patients may be concerned about the impact unauthorised disclosure may have on their lives in personal and professional spheres, including HIV-based discrimination.
- Patients should understand who has access to information about them.
- Patients are far more likely to seek medical care and give full and honest accounts of their symptoms if they feel comfortable, respected and secure.
- A health system with strong privacy mechanisms will promote public confidence and trust in healthcare services generally.