The Medical Association reminds the medical fraternity and the public that a breach of patient confidentiality and privacy is against the law

The Trinidad and Tobago Medical Association (T&TMA) has issued a strong condemnation over what it states was “the inappropriate sharing of an image of a patient referral letter to a tertiary institution over the Carnival weekend”.

In an official statement issued today, the Association stated categorically that “it is the duty of Physicians to protect and regard as absolutely confidential, any information derived from the course of patient doctor interaction as well as any documents regarding the patient except under special defined circumstances”.

The T&TMA was making reference to the image of a detailed referral letter which was shared on social media.  The post reportedly contained personal details of the patient who sought medical care, including name, date of birth, travel history and other personal details.

According to the Association, the person who shared the post may have thought they were acting in the public interest, but what really happened was the violation of the privacy of the patient in question, as well as the compromising of “sanctity of the physician-patient relationship”.

It notes that such breaches of confidentiality amount to unethical conduct, and physicians guilty of such breaches run the risk of having their license to practise either suspended or revoked.

The Medical Association recommends that their colleagues in the Medical fraternity, as well as the general public, familiarise themselves with the T&TMA’s Privacy and Confidentiality in Medical Practice Policy Statement, which was drafted for them by Professor Hariharan Seetharaman.

The Policy Statement outlines what constitutes a breach and unethical conduct, and also clearly stipulates the circumstances under which medical professionals can share patient information.

The contents of the Policy Statement, follow:


A Statement to Guide Medical Practitioners in Trinidad and Tobago

Key messages:

  • Maintenance of patient privacy and confidentiality is of the utmost importance and is the backbone of ethical practice
  • Information derived from the doctor patient interaction and relationship is protected by law
  • Only under very special circumstances is confidential information to be shared
  • Breach of these principles may lead the offending physician to censure and/or reprimand resulting in possible suspension or revocation of medical license

Although used interchangeably, Privacy and Confidentiality are distinctly defined as follows:

  1. Privacy is the right of patients to keep or maintain any health-related information private to themselves.
  2. Confidentiality refers to the duty of a professional, who has been entrusted with a patient’s information, to keep that information private and not to divulge it.

Privacy and Confidentiality stem from the autonomy principle of bioethics and their objective is to protect patients from harm and distress, which may include physical as well as psychological harm. They are one of the basic tenets of ethical practice, which should be stringently adhered to by every medical practitioner.

Generally, during the course of consultation with a physician, patients may need to share private information including their history, symptoms, illnesses, medications, drug/ alcohol abuse, their psychological and financial status etc., which MUST remain confidential with the physician. Similarly, the physician’s findings about the patient including the diagnosis, the advice for investigations, reports of investigations and other case particulars MUST also remain confidential with the physician.

However, there are some unique situations where a need may arise to share some patient information. These are as follows:

  1. When a patient is admitted to a hospital, if a physician initially sees the patient and refers the patient to another doctor, then the information may be shared ONLY for medical purposes. The first physician cannot share such information to another physician (or any other healthcare provider) if they are NOT involved in the care of the patient.
  2. If a patient is diagnosed with a ‘notifiable’ disease, this information may be shared with the public health authorities, to ensure the institution of measures to control a potential outbreak of the disease.
  3. If the physician sees an immediate threat to the society because of the illness of the patient (e.g., a bus driver diagnosed with epileptic seizures), attempts should be made to convince the patient to address the issue. However, if the patient disagrees and if there is a clearly justifiable interest of greater common good, the information must be passed on.
  4. If there is an explicit consent from the patient to share the information with close relatives / next of kin, then the information can be shared with them.
  5. In the above context, ONLY if there is an explicit consent from the patient, patient information such as diagnosis can be shared with the workplace or employer of the patient.
  6. In the context of health insurance, most third-party payers require the patients to sign a blanket consent form when enrolling for a policy, to handle protected heath information. Only when the exact diagnoses and procedures done on the patient are available to the insurer, they will be able to make an informed decision about claims on the policy. Hence, the physician is allowed to share the information with the insurers in order to facilitate claims and reimbursements. However, the insurer has a primary duty to keep this information confidential within the office handling the claims.
  7. When a court of law subpoenas patient information to be produced, this cannot be ignored. The most prudent approach will be to request the patient to have a legal representation and require the patient to sign a disclosure form through the attorney, and release the information to the attorney.
  8. In certain special situations such as confidentiality involving a psychiatric evaluation and a patient, some aspects of the physician privilege will still be allowed by court.
    The US Supreme Court decision in the matter of psychiatrist-patient confidentiality is as follows: “If the purpose of the privilege is to be served, the participants in the confidential conversation [patient and physician] must be able to predict with some degree of certainty whether particular discussions will be protected”
  9. In case of mentally incapacitated patient—e.g. a patient in an ICU—the aspects of the critical nature of the illness as well as the therapy may be shared with the next of the kin/ holder of power of attorney. For children, information can be shared with the parent or the legal guardian.
  10. HIV has a special clause of exclusivity and information regarding HIV status of a patient cannot be shared with even the next of kin, unless there is an explicit consent.

The following acts are unethical and amounts to breach of confidentiality:

  1. Sharing any patient information without their consent on social media – including Facebook, WhatsApp, Emails, Instagram etc.,
  2. Publishing identifiable patient information in case reports or research papers
  3. Discussing about patients with identifiable information in any online forum without their explicit consent

If the Medical Board of Trinidad and Tobago (MBTT) receives a complaint regarding breach of confidentiality committed by a physician, the MBTT will investigate the case and if found guilty of unethical conduct, the physician can be censured/ reprimanded. The medical license can be suspended or revoked under Section 24 (2) of the Medical Board Act depending upon the gravity of the issue.