In most jurisdictions, the duty is codified in the terms of legal professional rules, such as the Model Code of Professional Responsibility. Although the duty of confidentiality and fiduciary duties have common origins, they cannot be equated as not all fiduciary duties attract duties of confidentiality and vice versa.

“Confidentiality” is to keep secret about something that has been spoken, heard or written in confidence.

The term “confidentiality” has been used by various organisations and departments in many ways, such as ‘Privacy’, ‘Secrecy’, ‘Restricted’, ‘Security’ and ‘Official Secret’, etc. “Preservation of confidentiality is the only way of securing public health otherwise doctors will be discredited … future individual patients will not come forward if doctors are going to squeal on them.”

There is a well established and well understood presumption in favour of confidentiality.

The duty and its source

The lawyer-client relationship has historically been characterised as one of confidence. This duty also constitutes part of the broader foundation for lawyer’s fiduciary duties to their clients.

Rationales for the duty

The maintenance of full and frank disclosure between lawyers and their clients is the main justification for the duty of confidentiality. The basis for this rationale is utilitarianism, in that it works to promote the work of solicitors, who are officers of the court. It allows clients to freely discuss intimate details without fear that such information could be subsequently disclosed to the general public. In turn, public confidence in lawyers and the legal system is maintained and promoted. Further, the duty of confidentiality is a constant reminder to lawyers of the loyalty they owe to their clients.

Another rationale is to protect the human dignity of the client.

In criminal cases, confidentiality is also justified to prevent the use of tricked confessions or admissions.

Source of the duty

The duty is sourced from a combination of contract law and equity arising from the distinctive relationship between lawyer and client. The solicitor or attorney is an agent of the client under the law of agency. In contract, the duty arises from terms contained in the retainer agreement. Complementarily, equity prohibits unauthorised use or disclosure of confidential information. In most jurisdictions, the duty is codified in the terms of legal professional rules, such as the Model Code of Professional Responsibility.

Although the duty of confidentiality and fiduciary duties have common origins, they cannot be equated as not all fiduciary duties attract duties of confidentiality and vice versa.

Scope of the duty

In contract

As the lawyer-client duty of confidentiality is primarily sourced in contract law, the wording of implied terms in the retainer agreement determines its scope of operation. Despite its importance, there have been few judicial attempts to resolve the extent of the implied term.

In equity

In equity, protection is attached to information that is capable of meeting the test of confidentiality – whether the information was already public knowledge and whether its communication was for a limited purpose. While this test may indicate a more limited scope of confidentiality under equity, by requiring information to be deemed confidential before falling under the scope, on another level equity may secure a broader temporal protection for confidential information. The duty under contract expires on termination of the legal retainer, whereas the duty under equity remains intact until the information is no longer confidential, which may occur long after the expiration of the contractual retainer.

In professional rules

Legal professional rules have tended to adopt the broad view of the scope of duty recognised in contract law. The obligation to retain information in confidence, according to the professional rules in Australian jurisdictions is premised on its connection with the legal retainer rather than the source of the information. Hence, the professional rules seem to imply that information gained in connection with the legal retainer is deemed confidential. However, though the rules emphasise the importance of the duty of confidentiality, this is not a hard rule. Not all information connected with the retainer meets the legal test of confidentiality. The duty of confidence applies to “any information, which is confidential to a client and acquired by [a] practitioner or [a] practitioner’s firm during the client’s engagement.” For barristers, it is “confidential information obtained by [a] barrister concerning any person.”

Compared to legal professional privilege

Though the duty of confidentiality shares a common origin, goals, and similarities with legal professional privilege, they are distinct in at least three ways. Firstly, privilege is not dependent on a contractual, equitable or professional duty to clients. Rather, it is based upon arguments of public policy. Secondly, communications protected by confidentiality are more numerous than those protected by privilege. Privileged communications are a subset of confidential communication. Nonetheless, loss of privilege does not necessarily automatically destroy the duty to confidentiality if it has arisen independently of the privilege. Finally, privileged information is protected from compulsory disclosure, unless abrogated by statute or waived. Non-privileged confidential information on the other hand must be disclosed to judicial, statutory, or other legal compulsion. In particular, the public interest in discovering the truth trumps private duties to respect confidence.

Limits and exceptions to the duty

Though the duty to confidentiality is often expressed in absolute terms in professional rules, there are circumstances where the duty can be breached. The breach of the duty in certain contexts is justified through the balancing of the often competing interests of the client and proper administration of justice

Client authorization

As lawyer-client confidentiality exists for the benefit of the client, the confidence is the client’s to waive or modify. Hence, the lawyer can reveal confidential information to third parties where the client allows such an action. However, consent to allow the disclosure of confidential information does not entitle the lawyer to disclose or use the information for other purposes than those specified by the client.

The authorization does not necessarily have to be explicit. It can be inferred from the terms or nature of the retainer agreement. The idea that all information imparted within a retainer is confidential is impracticable. Often, much of that information is communicated so that it can be disclosed to dispose of a matter, claim, or legal issue. Hence, where information is incidental to the conduct of a retainer, client authorisation can be generally taken as given. Nonetheless, where there is uncertainty, express authority should be sought from the client.

Disclosure compelled by law

Where expressly provided for in statute, lawyers must comply with any parliamentary requirement necessitating breach of the duty to confidentiality. Lord Denning in Parry-Jones v Law Society said at 6-7:

“the solicitor must obey the law, and, in particular, he must comply with the rules made under the authority of statute for the conduct of the profession. If the rules require him to disclose his client’s affairs, then he must do so.”

Statutory abrogation of the duty is limited in scope and purpose however. Requirements are never blanket decrees for the revelation of confidential information. Rather they are based on upholding the public interest, where such interests override client interests in maintaining confidentiality.

Disclosure ostensibly to support lawyer’s own interests

Lawyers may disclose confidential information relating to the retainer where they are reasonably seeking to collect payment for services rendered. This is justified on policy grounds. If lawyers were unable to disclose such information, many would undertake legal work only where payment is made in advance. This would arguably adversely affect the public’s access to justice.

Lawyers may also breach the duty where they are defending themselves against disciplinary or legal proceedings. A client who initiates proceedings against a lawyer effectively waives rights to confidentiality. This is justified on grounds of procedural fairness – a lawyer unable to reveal information relating to the retainer would be unable to defend themselves against such actions.

Disclosure of information that is not confidential

Clearly, information that is not confidential does not fall under the duty of confidentiality. Disclosure of information that is already in the public domain does not breach the duty. Further, information that was not in the public knowledge at the time of the retainer agreement, is not subject to the duty if it subsequently enters the public domain. The purpose served by maintaining the confidence – the protection of the client – is arguably extinguished.

Nonetheless, the lawyer still owes a duty of loyalty, and clients may feel betrayed if such information is disclosed, even if it becomes public knowledge. Though there are no legal ramifications for disclosure, discretion on part of the lawyer may be in the long term interests of maintaining the propriety of the legal profession.

Disclosure for the purpose of probate

Another case is for the probate of a last will and testament. Previously confidential communications between the lawyer and testator are no longer secret for the purpose of proving the Will is the intent of the now deceased decedent. In many instances, the will, codicil, or other parts of the estate plan require explanation or interpretation through other proof (extrinsic evidence), such as the attorney’s file notes or correspondence from the client.

In certain cases, the client may desire or consent to revelation of personal or family secrets only after his or her death; for example, the Will may leave a legacy to a paramour or a natural child.

Therefore compelling reasons are necessary to justify disclosure of information acquired in practice by a health care professional. What constitutes ‘good reason’, however, is not so well understood and health care professionals encounter moral dilemmas and intellectual puzzlement.

Delivery of health care system in the UK is rapidly changing and doctors are faced with legal and ethical obligations relating to their professional practice. There is an emerging trend towards the use of statutes to protect and enforce patient rights resulting in alteration and limitations to professional practice.

Confidentiality has been regarded as ‘indispensible’ under good medical practice otherwise best treatment cannot be offered to patient. Equally this duty of confidentiality could itself cause greater damage to the patient’s rights and interests if the information about individual’s physical and mental health is not shared with relevant professionals.

Doctors and health care providers are faced with the dilemma of finding a balance between protecting patient’s confidentiality and allowing physicians to meet appropriate care needs of a patient.

The aim of this essay is to critically explore whether an unmitigated duty of confidence would prevent a physician sharing information with other health care professionals to treat a patient effectively.

The way to approach the question is to understand; (a) the origin, (b) recognition of the duty of confidence (c) the regulatory bodies guidelines and to look at the case laws, before looking into the (d) exceptions to this duty, prior to (e) drawing a conclusion.

  1. Origin Of The Duty Of Confidence:

A doctor’s duty about patient’s confidentiality has its origin from the first Medical ethics codes,

The Hippocratic Oath that states:

“Whatsoever things I see or hear concerning the life of men, in my attendance on the sick or even apart therefrom, which ought not to noised abroad, I will keep silence thereon, counting such things to be as sacred secrets.”

Patient confidentiality also receives unqualified protection in the modern version of the Oath, the Declaration of Geneva: “I will respect the secrets which are confined in me, even after the patient has died.”

In October 2009 General Medical Council, published an up to date guidance for doctors on “Confidentiality”, emphasising the point of making patient care a first concern, along with showing respect to patient’s right to confidentiality. This further holds a doctor personally responsible for his professional practice and should be able to justify his actions.

  1. Recognition Of The Duty Of Confidence:

The Department of Health, recognises duty of confidence in patient-clinician relationship by holding this as a legal obligation that is derived from case law. It also establishes this as a requirement within professional codes of conduct within NHS employment contracts as a specific requirement linked to disciplinary procedures.

There is a significant burden of confidentiality on medical profession, where the responsibility of keeping patient’s medical information safe can be quite diffuse due to multidisciplinary structure. Subsequently, there is a need to understand the duty of confidentiality ethically as well.

“As Jackson describes this on the deontological (duty-based) that states ‘respect for person’s rights importance for its own sake’ and teleological (consequences-based), ‘judging the actions by its consequences’ basis of reasoning.”

Patient’s confidentiality, autonomy and to recognise the duty of care that a doctor owes are three main duties of a doctor. Although these three main duties are professional, but there are legal implications in the event of a breach of such duties. These are also legal duties and ethical consideration often arises while contemplating such duties.

Doctor-patient confidentiality starts when a patient seeks the advice, care, and/or treatment from a doctor. It is usually implied by the patient seeking medical consultation. The patient should not be hindered by doubts that their medical concern(s) or condition(s) will be disclosed to others.

The general expectation is that a doctor will hold such knowledge in confidence and will only use it exclusively for patient’s benefit.

The professional duty of confidentiality covers not only what patients may or have revealed to doctors, but also what doctors may independently conclude or form a clinical opinion about, on the basis of examination, further investigations and tests (including x-rays, lab-reports, etc.) and/or assessment of patients. Beside communications between patient and doctor, and it also includes communications between the patient and other professional staff working alongside the doctor.

There has to be a lawful “doctor-patient relationship” between patient and a doctor before any duty of confidentiality is developed. Generally speaking, a patient must voluntarily seek consultation from the doctor, and only then can expect that the information will be held in confidence. This does not need to be expressed and is implied from the circumstances.

Meeting a doctor at a party, and during a “general conversation”, asking the doctor a medical opinion relating to them, the doctor’s advice under these circumstances most likely would not be regarded as confidential. Further, the doctor will not be considered “the individual’s doctor.”

Similarly, if patients are examined by a doctor following a third party request (such as an insurance company or their employer), no “Doctor-Patient relationship” is considered and no duty of confidentiality is owed by the doctor, irrespective of the extensive nature the examination or friendly attitude of the doctor. This is simply because patient has not sought the doctor’s advice or treatment.

  1. Regulatory Bodies Guidelines & Case Laws:

There is an obligation to obtain guidance on the duty of confidentiality from regulatory and statutory bodies. A ‘duty of confidentiality’ exists in the UK under Common Law based upon societal customs but not recognized by statute. This is further recognized, enforced and developed through the judgments in case laws but can make interpretation difficult.

In AG v Guardian Newspapers (No. 2) also known as spycatcher case, Lord Bingham explained that the duty of confidence arises from an obligation of conscience, and Lord Goff laid out the necessary conditions that relates to the circumstances for the existence of a duty of confidence with the effect that it would be just in all the circumstances for a doctor to avoid disclosing patients’ information to others.

General Medical Council recognises “Confidentiality” as fundamental for patients to confide in doctors otherwise, patients may be hesitant to provide information or seek medical attention that is essential for good care.

The Medical Research Council’s guidance on confidentiality reflects upon respect to private life as a human right and considers confidentiality as fundamental when holding extremely sensitive information. Keeping control over facts about one’s self can have an insignificant role in person’s sense of security, freedom of action and self-confidence.

The Human Rights Act 1998, Article 8, Right to respect for private and family life, also protects patient’s interest in confidentiality. However Article 8 is not an absolute right and is qualified by Article 8(2).

There are number of cases where patients have relied on Article 8 of Human Rights Act 1998 about the breach of confidentiality. For example, the judgment of ECtHR in Z v Finland, court held that there was no violation of Article 8 on the basis of good reasons for acquiring information, as the legitimate aims being pursued and no disproportionate measures were taken.

In the case of Campbell v MGN Ltd, Baroness Hale said “Blundering in when matters are acknowledged to be at ‘fragile’ stage may do great harm.” Here the House of Lords recognises and obligation of existence of confidentiality due to the nature of treatment for Ms Campbell’s drug addiction.

In May 2002, Information Commissioner Office published guidelines on “Use and Disclosure of Health Data” The Data Protection Act 1998 gives effect in UK law to EC Directive 95/46/EC.

It introduces Eight Data Protection Principles that set out standards on personal data handling and processing ‘fairly and lawfully.’ However it is worth noting from British Medical Association’s guidelines that The Data Protection Act governs access to the health records of living people only in both NHS and private health sector. It is also applicable to employers holding data about physical or mental health of their employees if the record has been made by, or on behalf of, a health professional in connection with the care of the employee..

Does the duty of confidentiality end with the death of a patient? The Department of Health and GMC both agree over the lack of clarity about legal obligations of confidentiality applying to deceased patient. Both suggest that ethical obligation of confidentiality must continue to apply according to the guidelines.’

General Medical Council explains that, “Your duty of confidentiality continues after a patient has died”.

GMC further suggest that the level of disclosure after a patient’s death will depend on the circumstances. Doctor should usually respect patient’s wishes and must consider the reasons for such disclosure while balancing the distress or benefits to the patient’s spouse or family. Further such disclosures could disclose information about the patient’s family or anyone else and if the information is not already in public knowledge then consider anonymisation or coding.

  1. Exceptions To The Duty Of Confidentiality:

GMC advice is to regard confidentiality as an important but not an absolute duty under exceptional circumstances e.g. if required by law, implicit or explicit consent by patient and when justifiable public interests are involved.

It is worth noting that breaches of confidentiality are not deliberate acts of the doctor, but are commonly unintentional breaches of confidentiality. Physical privacy of the patient can be prevented to a degree by curtains on NHS inpatient wards, but there is no guarantee that confidential discussion at the patient’s bedside will not be overheard by others.

Where appropriate consent has been obtained from the patient the information can be shared with others such as, health care workers, medical reports to Benefit Agencies, Employers or Police. Also to administrative staff for anonymisation of research data and Publication of case histories.

Disclosure is also appropriate without patient consent due to withheld consent and impracticalities in patient’s best interest e.g. medical emergencies, in the case of individual’s mental incapacity and in the case of child abuse where statutory authorities must be informed.

Also to DVLA where patient continues to drive despite attempts to persuade them otherwise, where a person is unable to comprehend that they are unfit to drive e.g. in case of dementia.

Public interest is probably the most important exception and disclosure can be made without patient’s permission. This arises in such cases; if ordered by a judge, a person has a serious communicable disease continues to put close contacts at risk, to act quickly in the event of an outbreak of some communicable disease and there is insufficient time to obtain patient’s consent and to assist in the prevention, detection and prosecution of a serious crime and reporting ‘gunshot and knife injuries.’ There may be exceptional circumstances of fitness to practice where a health professional is a risk to the public but does not give consent to disclosure. Also included are Statutory notifications (birth, death, abortion, and notifiable diseases), information regarding serious communicable diseases to the relevant authorities, reporting death to a coroner in connection with inquest or fatal accident inquiry.

The Courts handle the duty of confidentiality in a flexible way leading to ongoing changes in the UK legal system. Indeed, Courts are faced with a balancing act when deciding cases on confidentiality and disclosure. There are several circumstances when the doctor may legitimately disclose information regarding a patient. Both legal and medical experts would argue that the duty of confidentiality is relative, not absolute; and the matter is principally for the professional judgement of the contemplating health practitioner to decide in the individual case whether public interests take precedence over the duty of confidentiality.

In the case of W v Egdell (1990), considering the Doctrine of Judicial precedence, the court held that the balance of public interests (i.e. confidentiality against public safety) was in favour of disclosure because of the seriousness of the offences that the patient had committed and the need for the authorities to have relevant information about his medical condition before making decisions about his release.

In Hunter v. Mann, the doctor refused to disclose identities of two patients he treated in a ‘hit and run’ accident. This doctor was convicted and fined under the Road Traffic Act 1972 (which preceded the 1988 Act).

Similarly, judgments in the cases of X v Y and Palmer v Tees Health Authority is also examples of court’s balancing act with different rulings.


The duty of confidentiality is regarded “sacred” by almost all medical practitioners, however the legal duty of confidence remained somewhat opaque. Privacy and confidentiality are similar but not synonymous. The Human Rights Act prevents privacy but the duty of confidentiality simply prevents the redisclosure of previously disclosed information in a confidential doctor-patient relationship. The General Medical Council’s guidance is the most useful tool for the doctors, when faced with the dilemma to justify breaching patient confidentiality. Failure to follow General Medical Council guidelines could lead to disciplinary and professional misconduct proceedings against the doctor. If found guilty the doctor can be struck off from medical register.

Disclosure may be legal under certain circumstances (mainly under the public interest exception, and certain cases where the patient mental capacity has been affected). But certain requirements must be met before any disclosure is acceptable under these circumstances. There are a wide range of circumstances where duty to respect confidentiality is either suspended or modified. For example when sharing patients` notes among health care professionals.

The doctor exists for patient, not the other way round. The doctor must act independently or in collaboration with other medical colleagues and must always consider the best for the patient’s physical and mental health. Therefore a blanket and absolute duty of confidence would prevent a doctor from disclosing information that is necessary for other health professionals to treat the patient effectively.

In my view duty of confidentiality should be regarded as relative, not absolute as there is no single collection of ethical guidelines or laws, clarifying every aspect of ethical or legal issue arising from the duty confidentiality. Breach of confidences can have deleterious consequences;

particularly for the doctor-patient relationship, but, failure to disclose in some situations could have serious implications for the well-being of the patient or the wider society.

While keeping the balanced view, significant majority of clinicians would regard the duty of confidentiality as a “Double-edged sword”. The problem arises due to the broad and somewhat vague exception of ‘public interests’ along with confusing legal rules governing the duty of confidentiality.