Confidentiality

Question: Your patient tests positive for HIV and, despite repeated counseling, refuses to disclose this to his wife, who is also your patient. You assume husband and wife engage in unprotected sex. Select the single best answer:

A. You have both a moral and legal duty to inform your patient's wife.

B. The patient will successfully sue you if you breach confidentiality.

C. The patient's wife will successfully sue you if you do not warn her and she suffers harm.

D. You are legally obligated to disclose the information to health authorities.

E. All choices are incorrect.

Answer: E. Because a doctor must respect a patient's confidential information, medical information generally cannot be disclosed without consent. However, under some circumstances, a doctor is obligated by law or because of a higher competing interest to breach confidentiality. Examples include cases of suspected child abuse and certain public health hazards such as infectious diseases.

State law forbids the release of HIV records except in very special situations, and frequently permits but does not mandate reporting to state health authorities. Direct disclosure to third parties at risk is generally not provided by statute. However, California is an exception; the state allows the attending physician to disclose such information to “a person reasonably believed to be the spouse … a sexual partner or a person with whom the patient has shared the use of hypodermic needles, or to the local health officer” (California Health and Safety Code §121015[a]). This law is permissive, allowing but not requiring the physician to disclose.

In the hypothetical scenario described above, choice E is best. Although it could be argued that there may be a moral duty for the physician to directly inform the wife, especially since she is also a patient, legal duty is a different matter. Neither the wife nor the infected patient will necessarily be successful in a lawsuit against the doctor, depending in part on the jurisdiction and the prescribed manner of reporting/disclosure. Because statutes vary, physicians would do well to consult with state health authorities or a malpractice risk manager on the proper course of action in any given case.

Historically, patient confidentiality was part of an ethical code that all doctors abided in. The tradition dates back to the Hippocratic Oath, which states in part: “Whatever in connection with my professional practice, or not in connection with it, I see or hear, in the life of men, which ought not to be spoken of abroad, I will not divulge as reckoning that all should be kept secret.”

Notwithstanding Hippocrates (and HIPAA, its modern progeny, which protects personal health information), the professional duty to protect the secrets of a patient is not an absolute one, and in some situations limited disclosure is morally defensible and legally permissible or even obligatory. Most states require reporting in cases of suspected communicable diseases, impaired driving, child and elder abuse, domestic violence, or weapon injuries.

Even if there is no relevant state regulation, a doctor may have a legal duty to disclose sensitive information to named third parties if actual harm can be prevented through such disclosure. The well-known case of Tarasoff v. Regents of University of California established that where there is threatened harm to a named third party, the practitioner is required to reveal the information to the intended victim (this has been termed the Tarasoff rule). In Tarasoff, a patient confided in the university psychologist his intention to kill his ex-girlfriend. The information, though shared with campus security, was not released to the intended victim, and the patient stabbed her to death 2 months later. The court found the psychologist and the University of California (under respondeat superior) liable, reasoning that the protection of public safety was more important than the sanctity of doctor-patient confidentiality: “We recognize the public interest in supporting effective treatment of mental illness and in protecting the rights of patients to privacy and the consequent public importance of safeguarding the confidential character of psychotherapeutic communication. Against this interest, however, we must weigh the public interest in safety from violent assault…. In this risk-infested society, we can hardly tolerate the further exposure to danger that would result from a concealed knowledge of the therapist that his patient was lethal” (Tarasoff v. Regents of University of California, 551 P.2d 334 [S. Ct. Calif.1976]).

Disclosure to third parties of sensitive patient information may constitute defamation, which is defined as harming a person's reputation through communicating to others a verbal or written falsehood. However, truth is an absolute defense against a defamation claim; alternatively, the doctor may have a qualified privilege where there is a public health interest. For example, in Simonsen v. Swenson, a physician disclosed a positive syphilis test result that turned out to be an error. In the defamation suit that followed, the court declined to impose liability on the doctor, finding that he was protected in discharging his duty to disclose (Simonsen v. Swenson, 177 N.W. 831 [Neb. 1920]).

As a group, health care professionals ought to be far more circumspect in observing confidentiality. Loose talk, gossip, disclosure of patient identity, or indiscriminate release of medical records are all examples of confidentiality breach. We too often discuss cases, sometimes identifying the patient by name or room and bed number, in public places within earshot of strangers. In a 1995 study that observed 259 one-way elevator trips in five U.S. hospitals, the authors overheard a total of 39 inappropriate comments that took place on 36 rides (13.9% of the trips) (Am. J. Med. 1995;99:190-4). Many of the comments clearly breached patient confidentiality.

Contact the author at [email protected].

Question: Your patient tests positive for HIV and, despite repeated counseling, refuses to disclose this to his wife, who is also your patient. You assume husband and wife engage in unprotected sex. Select the single best answer:

A. You have both a moral and legal duty to inform your patient's wife.

B. The patient will successfully sue you if you breach confidentiality.

C. The patient's wife will successfully sue you if you do not warn her and she suffers harm.

D. You are legally obligated to disclose the information to health authorities.

E. All choices are incorrect.

Answer: E. Because a doctor must respect a patient's confidential information, medical information generally cannot be disclosed without consent. However, under some circumstances, a doctor is obligated by law or because of a higher competing interest to breach confidentiality. Examples include cases of suspected child abuse and certain public health hazards such as infectious diseases.

State law forbids the release of HIV records except in very special situations, and frequently permits but does not mandate reporting to state health authorities. Direct disclosure to third parties at risk is generally not provided by statute. However, California is an exception; the state allows the attending physician to disclose such information to “a person reasonably believed to be the spouse … a sexual partner or a person with whom the patient has shared the use of hypodermic needles, or to the local health officer” (California Health and Safety Code §121015[a]). This law is permissive, allowing but not requiring the physician to disclose.

In the hypothetical scenario described above, choice E is best. Although it could be argued that there may be a moral duty for the physician to directly inform the wife, especially since she is also a patient, legal duty is a different matter. Neither the wife nor the infected patient will necessarily be successful in a lawsuit against the doctor, depending in part on the jurisdiction and the prescribed manner of reporting/disclosure. Because statutes vary, physicians would do well to consult with state health authorities or a malpractice risk manager on the proper course of action in any given case.

Historically, patient confidentiality was part of an ethical code that all doctors abided in. The tradition dates back to the Hippocratic Oath, which states in part: “Whatever in connection with my professional practice, or not in connection with it, I see or hear, in the life of men, which ought not to be spoken of abroad, I will not divulge as reckoning that all should be kept secret.”

Notwithstanding Hippocrates (and HIPAA, its modern progeny, which protects personal health information), the professional duty to protect the secrets of a patient is not an absolute one, and in some situations limited disclosure is morally defensible and legally permissible or even obligatory. Most states require reporting in cases of suspected communicable diseases, impaired driving, child and elder abuse, domestic violence, or weapon injuries.

Even if there is no relevant state regulation, a doctor may have a legal duty to disclose sensitive information to named third parties if actual harm can be prevented through such disclosure. The well-known case of Tarasoff v. Regents of University of California established that where there is threatened harm to a named third party, the practitioner is required to reveal the information to the intended victim (this has been termed the Tarasoff rule). In Tarasoff, a patient confided in the university psychologist his intention to kill his ex-girlfriend. The information, though shared with campus security, was not released to the intended victim, and the patient stabbed her to death 2 months later. The court found the psychologist and the University of California (under respondeat superior) liable, reasoning that the protection of public safety was more important than the sanctity of doctor-patient confidentiality: “We recognize the public interest in supporting effective treatment of mental illness and in protecting the rights of patients to privacy and the consequent public importance of safeguarding the confidential character of psychotherapeutic communication. Against this interest, however, we must weigh the public interest in safety from violent assault…. In this risk-infested society, we can hardly tolerate the further exposure to danger that would result from a concealed knowledge of the therapist that his patient was lethal” (Tarasoff v. Regents of University of California, 551 P.2d 334 [S. Ct. Calif.1976]).

Disclosure to third parties of sensitive patient information may constitute defamation, which is defined as harming a person's reputation through communicating to others a verbal or written falsehood. However, truth is an absolute defense against a defamation claim; alternatively, the doctor may have a qualified privilege where there is a public health interest. For example, in Simonsen v. Swenson, a physician disclosed a positive syphilis test result that turned out to be an error. In the defamation suit that followed, the court declined to impose liability on the doctor, finding that he was protected in discharging his duty to disclose (Simonsen v. Swenson, 177 N.W. 831 [Neb. 1920]).

As a group, health care professionals ought to be far more circumspect in observing confidentiality. Loose talk, gossip, disclosure of patient identity, or indiscriminate release of medical records are all examples of confidentiality breach. We too often discuss cases, sometimes identifying the patient by name or room and bed number, in public places within earshot of strangers. In a 1995 study that observed 259 one-way elevator trips in five U.S. hospitals, the authors overheard a total of 39 inappropriate comments that took place on 36 rides (13.9% of the trips) (Am. J. Med. 1995;99:190-4). Many of the comments clearly breached patient confidentiality.

Contact the author at [email protected].

Question: Your patient tests positive for HIV and, despite repeated counseling, refuses to disclose this to his wife, who is also your patient. You assume husband and wife engage in unprotected sex. Select the single best answer:

A. You have both a moral and legal duty to inform your patient's wife.

B. The patient will successfully sue you if you breach confidentiality.

C. The patient's wife will successfully sue you if you do not warn her and she suffers harm.

D. You are legally obligated to disclose the information to health authorities.

E. All choices are incorrect.

Answer: E. Because a doctor must respect a patient's confidential information, medical information generally cannot be disclosed without consent. However, under some circumstances, a doctor is obligated by law or because of a higher competing interest to breach confidentiality. Examples include cases of suspected child abuse and certain public health hazards such as infectious diseases.

State law forbids the release of HIV records except in very special situations, and frequently permits but does not mandate reporting to state health authorities. Direct disclosure to third parties at risk is generally not provided by statute. However, California is an exception; the state allows the attending physician to disclose such information to “a person reasonably believed to be the spouse … a sexual partner or a person with whom the patient has shared the use of hypodermic needles, or to the local health officer” (California Health and Safety Code §121015[a]). This law is permissive, allowing but not requiring the physician to disclose.

In the hypothetical scenario described above, choice E is best. Although it could be argued that there may be a moral duty for the physician to directly inform the wife, especially since she is also a patient, legal duty is a different matter. Neither the wife nor the infected patient will necessarily be successful in a lawsuit against the doctor, depending in part on the jurisdiction and the prescribed manner of reporting/disclosure. Because statutes vary, physicians would do well to consult with state health authorities or a malpractice risk manager on the proper course of action in any given case.

Historically, patient confidentiality was part of an ethical code that all doctors abided in. The tradition dates back to the Hippocratic Oath, which states in part: “Whatever in connection with my professional practice, or not in connection with it, I see or hear, in the life of men, which ought not to be spoken of abroad, I will not divulge as reckoning that all should be kept secret.”

Notwithstanding Hippocrates (and HIPAA, its modern progeny, which protects personal health information), the professional duty to protect the secrets of a patient is not an absolute one, and in some situations limited disclosure is morally defensible and legally permissible or even obligatory. Most states require reporting in cases of suspected communicable diseases, impaired driving, child and elder abuse, domestic violence, or weapon injuries.

Even if there is no relevant state regulation, a doctor may have a legal duty to disclose sensitive information to named third parties if actual harm can be prevented through such disclosure. The well-known case of Tarasoff v. Regents of University of California established that where there is threatened harm to a named third party, the practitioner is required to reveal the information to the intended victim (this has been termed the Tarasoff rule). In Tarasoff, a patient confided in the university psychologist his intention to kill his ex-girlfriend. The information, though shared with campus security, was not released to the intended victim, and the patient stabbed her to death 2 months later. The court found the psychologist and the University of California (under respondeat superior) liable, reasoning that the protection of public safety was more important than the sanctity of doctor-patient confidentiality: “We recognize the public interest in supporting effective treatment of mental illness and in protecting the rights of patients to privacy and the consequent public importance of safeguarding the confidential character of psychotherapeutic communication. Against this interest, however, we must weigh the public interest in safety from violent assault…. In this risk-infested society, we can hardly tolerate the further exposure to danger that would result from a concealed knowledge of the therapist that his patient was lethal” (Tarasoff v. Regents of University of California, 551 P.2d 334 [S. Ct. Calif.1976]).

Disclosure to third parties of sensitive patient information may constitute defamation, which is defined as harming a person's reputation through communicating to others a verbal or written falsehood. However, truth is an absolute defense against a defamation claim; alternatively, the doctor may have a qualified privilege where there is a public health interest. For example, in Simonsen v. Swenson, a physician disclosed a positive syphilis test result that turned out to be an error. In the defamation suit that followed, the court declined to impose liability on the doctor, finding that he was protected in discharging his duty to disclose (Simonsen v. Swenson, 177 N.W. 831 [Neb. 1920]).

As a group, health care professionals ought to be far more circumspect in observing confidentiality. Loose talk, gossip, disclosure of patient identity, or indiscriminate release of medical records are all examples of confidentiality breach. We too often discuss cases, sometimes identifying the patient by name or room and bed number, in public places within earshot of strangers. In a 1995 study that observed 259 one-way elevator trips in five U.S. hospitals, the authors overheard a total of 39 inappropriate comments that took place on 36 rides (13.9% of the trips) (Am. J. Med. 1995;99:190-4). Many of the comments clearly breached patient confidentiality.

Contact the author at [email protected].