A Guide to Confidentiality in Health and Social Care
Everybody deserves to have their privacy and personal details respected. This is our right and it’s important that all environments and institutions act accordingly, including schools, businesses, and health and social care sectors.
If you work in health and social care, it’s important that you understand your duty of confidentiality. You must abide by this duty and ensure that you respect your patients’ and clients’ legal right to privacy. In some rare cases, it may be necessary to override your duty of confidentiality, particularly if people are at risk of harm. Read on to find out more.
What is Confidentiality?
The principle of confidentiality is about privacy and respecting someone’s wishes. It means that professionals shouldn’t share personal details about someone with others, unless that person has said they can or it’s absolutely necessary. ‘Professionals’ in this context includes people like doctors, nurses, social workers, support workers, and employers.
In a health and social care setting, confidentiality means that the practitioner should keep a confidence between themselves and the patient, as part of good care practice. This means that the practitioner shouldn’t tell anyone what a patient has said and their details, other than those who need to know. This also includes not showing anyone – again, other than those who need to know – an individual’s personal notes or computer records.
Need a Training Course, Fast?
Our Information Governance Training is designed to help those who work in health & social care, giving you the tools to understand your obligations around data protection. All our training is CPD accredited and fully online, meaning you can study anywhere, anytime and download your certificate in a matter of hours. See how else we might be able to support you with our Safeguarding Adults course library.
What Legislation Covers Confidentiality in Health and Social Care?
There are many legislative requirements surrounding confidentiality in health and social care. If you work with patients and their records, then it’s important that you’re aware of patient confidentiality law and the following legislation.
The Common Law of Confidentiality
The principle of confidentiality is broadly taken from common law, which is why it’s called a common law duty of confidentiality. Confidentiality is important for encouraging people to come forward with issues and concerns.
However, there are certain offences and provisions where the duty of confidentiality is overridden. For example, if a girl has been a victim to Female Genital Mutilation (FGM), then this is a criminal offence and the appropriate authorities need to know. Additionally, if there is a serious safeguarding concern and somebody is at risk, then you have a duty to share this information to keep people safe.
The Human Rights Act 1998
The Human Rights Act gives every individual the right to respect for their private and family life. This includes having any personal information held in confidence. This right, however, is not absolute and can be overridden if necessary, such as for a safeguarding concern.
The Care Act 2014
This Act encourages caregivers to take a person-centred approach when safeguarding vulnerable adults. It also sets out a new way of thinking in relation to adult social care by explaining the importance of sharing information at early stages so that people stay safe.
The Health and Social Care (Safety and Quality) Act 2015
This Act sets out a number of provisions relating to the health and social care services in England. It covers the integration of information relating to users of health and social services. It also explains the sharing of information for individuals who use health and social care services.
The Data Protection Act 2018 and the GDPR
The Data Protection Act and the GDPR both have provisions that explain the way organisations, charities, and businesses must handle information. This includes care settings and provisions relating to clients, patients, and employees. Under Data Protection and the GDPR, personal information must be:
- Processed lawfully, fairly, and transparently.
- Collected for specified, explicit and legitimate purposes.
- Adequate, relevant, and limited to what’s necessary for the purposes of why it was collected.
- Accurate and up to date.
- Not be kept for longer than is necessary.
- Processed in a manner with appropriate security, including protection against accidental loss.
When Can You Break Confidentiality in Health and Social Care?
There are many uncertainties surrounding confidentiality in health and social care. Common questions express concerns like ‘when shall I disclose confidential information?’ and ‘will I be breaching confidentiality in expressing my concerns?’.
To provide a simple answer: you may, in certain circumstances, override your duty of confidentiality to patients and clients if it’s done to protect their best interests or the interests of the public. This means you may override your duty if:
- You have information that suggests a patient or client is at risk of harm.
- You have information to suggest that a patient or client is posing a risk of harm to someone else.
In these instances, you should always report your concerns to your manager or supervisor. You should also help and contribute to any further actions that are taken to reduce the risk of harm.
However, sometimes things are not this simple and it can be easy to misread and misunderstand the signs. If you have any concerns about someone, or a confidentiality issue arises, you should always ask your manager or supervisor for advice.
Consider the following scenario, which explains why over-riding confidentiality is sometimes necessary.
You are a care worker and you have gone to assist an elderly male at his home. You don’t usually assist this man, but his usual care worker has gone away for the week.
When you are helping him to get dressed, you notice several bruises on his back. When you enquire about these, he explains that his usual nurse attacked him last week and caused the bruises. He believes that he said something silly because the care worker started calling him names and then hitting him.
You are very concerned about this man’s safety when his normal care worker returns. He tells you that he doesn’t want you to tell anybody because the care worker is usually nice and it was just him making a silly comment that caused this to happen. He has become upset and he doesn’t want to get the care worker into trouble.
There is a clear conflict in this situation. You believe that you should inform your manager immediately and report the other member of staff. However, the gentleman has begged you not to do this and has told you in confidence, so you don’t want to breach his confidentiality.
In this situation, it is acceptable to override your duty of confidentiality. This is necessary to protect the man from further harm.
You should explain to him that you understand why he is upset and doesn’t want to speak out. However, explain that he has experienced a form of abuse that he has a right to be protected from and how you can help him.
Here, you are acting on behalf of the man’s best interests and within the Public Interest Disclosure Act. This means you can override your duty to protect his confidentiality and speak to your manager about what you have found.
Principles of Confidentiality in Childcare
It may also be the case that you frequently handle confidential information about children. The same principles of confidentiality apply in this situation: you should maintain confidentiality but override it if you think the child is at risk. Always be vigilant to recognising the signs or abuse and neglect and tell somebody if you think the child is at risk.
You should view confidentiality on a need to know basis, which means that you only share information when it’s necessary and with people who need to know. Relationships between professionals and children are built on trust, so it’s essential that you uphold a child’s confidentiality unless they are at risk. If you need to share a child’s information, ask for their consent unless there is a compelling reason not to do so. This is important for transparency, trust, and building a relationship.
You have a duty to protect patient confidentiality in health and social care. However, when a patient or client is at risk of harm or posing a risk to someone else, you may, in certain circumstances, override this duty if it’s done to protect their best interests or the interests of the public.
What to Read Next:
- How to Conduct Effective Handovers in Nursing and Patient Care
- What is Person-Centred Care and Why is it Important?
- Information Governance Online Training