Taylor and Wilson, ‘Reasonable Expectations of Privacy and Disclosure of Health Data’

The law of confidence allows for a range of defined circumstances in which confidential patient information (CPI) can be disclosed without breach of confidence – including statutory gateway and overriding public interest. Outside such circumstances, current guidance to health professionals (the ‘standard account’) assumes that CPI can only be lawfully disclosed with patient consent. This article argues that the standard account has not yet caught up with judgments, post the Human Rights Act 1998 coming into force, which have reinterpreted the law of confidence in the light of Article 8 of the European Convention on Human Rights. In particular, the article explains the significance of the concept of a ‘reasonable expectation of privacy’ to an action for breach of confidence and thus to legal liability for disclosure of health data. It argues that conformity with a reasonable expectation of privacy provides an alternative account for the lawful disclosure of CPI, and may provide a more sustainable and authentic approach to meeting obligations under the law of confidence than the standard account. The article concludes with recommendations for an evolution of the standard account in a way that could allow restatement of associated concepts (such as consent) free from particular pressure to bend them out of shape. The evolution proposed continues to bring to the fore the patient perspective and allows protection of their ‘reasonable expectations’ regarding uses of data collected about them rather than those of the profession.

Mark J Taylor and James Wilson, Reasonable Expectations of Privacy and Disclosure of Health Data, Medical Law Review, https://doi.org/10.1093/medlaw/fwz009. Published: 25 April 2019.

First posted 2019-05-03 06:02:14

Leave a Reply