Legal Issues on Patient Confidentiality and Informed Consent in Medical Law
Added on 2023-06-10
36 Pages11951 Words461 Views
|
|
|
Running head: MEDICAL LAW
Medical Law
Name of the Student
Name of the University
Author Note
Medical Law
Name of the Student
Name of the University
Author Note
1MEDICAL LAW
Chapter 1:
Introduction:
The concept of informed consent in regard to medical research and treatment is still
unknown to the medical researchers and practitioners as well. In this regard, it is noteworthy to
mention here that the doctor-patient relationship in India is governed by the relationship of trust
and authorization1. However, in modern era, the concept of informed consent is still ignored
while dealing with the issues of the patients in daily medical practices. In order to complicate
such issue further, the India law has not given proper specifications regarding the age limit in
which an individual can give a valid consent.
It is evident that, still now, the Indian Penal Code has been silent regarding the legal
validity of the consent received from persons aged between twelve and eighteen. It is worthwhile
to mention here that, at this age limit the concept of “right to confidentiality” can be emphasized
upon; the Courts are at the authority to define it or it can be defined by the statutory provisions 2.
Therefore, mention can be made regarding the fact that, there is a requirement of statutory
provision for the purpose of removing the existing ambiguities and uncertainties in the way of
the concept of age consent. As a result of it, an individual’s right to medical confidentiality at a
particular age can be examined.
In the case of Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC3),
it was recognized by the Supreme Court of India that, a majority of the Indian citizens requiring
medical attention and treatment falls below the poverty line. In this regard, it can be observed
1Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health records for public health
surveillance to advance public health." Annual review of public health 36 (2015): 345-359.
2Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health records in hospitals: a
systematic literature review." BMC health services research14.1 (2014): 370.
3Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
Chapter 1:
Introduction:
The concept of informed consent in regard to medical research and treatment is still
unknown to the medical researchers and practitioners as well. In this regard, it is noteworthy to
mention here that the doctor-patient relationship in India is governed by the relationship of trust
and authorization1. However, in modern era, the concept of informed consent is still ignored
while dealing with the issues of the patients in daily medical practices. In order to complicate
such issue further, the India law has not given proper specifications regarding the age limit in
which an individual can give a valid consent.
It is evident that, still now, the Indian Penal Code has been silent regarding the legal
validity of the consent received from persons aged between twelve and eighteen. It is worthwhile
to mention here that, at this age limit the concept of “right to confidentiality” can be emphasized
upon; the Courts are at the authority to define it or it can be defined by the statutory provisions 2.
Therefore, mention can be made regarding the fact that, there is a requirement of statutory
provision for the purpose of removing the existing ambiguities and uncertainties in the way of
the concept of age consent. As a result of it, an individual’s right to medical confidentiality at a
particular age can be examined.
In the case of Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC3),
it was recognized by the Supreme Court of India that, a majority of the Indian citizens requiring
medical attention and treatment falls below the poverty line. In this regard, it can be observed
1Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health records for public health
surveillance to advance public health." Annual review of public health 36 (2015): 345-359.
2Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health records in hospitals: a
systematic literature review." BMC health services research14.1 (2014): 370.
3Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
2MEDICAL LAW
that most of them are illiterate and do not understand the complexity of the modern medical
terms, conditions, concepts as well as the treatment procedures. They do not have proper
understanding regarding the functioning of various body organs and the probable effect if such
organs were removed after a certain time4. They are not given proper access to costly diagnostic
procedures and have to act according to the guidelines prescribed by the doctors and medical
practitioners. Presently, the Indian Penal Code has stated in the provisions of Section 87 that a
person aged above 18 years can provide a valid consent however; according to the provisions of
Section 89 of the Indian Penal Code a child aged less than 12 years cannot provide valid consent.
In modern era, individuals are often confused with the concept of confidentiality and the
value of trade secrets. In this regard, privacy refers to the utilization and disclosure of personal
information which is only applicable in cases regarding the information provided to specific
group of individuals. As the concept of personal information is such that it can be regarded as the
manifestation of individual personality5. In this context, the Courts of India most importantly the
Supreme Court of India have rightly recognized the right to privacy as it forms an integral part of
right to life and liberty. The right to life and liberty is a fundamental right guaranteed to every
individual under the Indian Constitution. In this regard, the right to privacy has been provided to
every individual and utmost importance has been given by the Indian Judiciary keeping in
consideration the security of the state and community interests.
At present, no specific legislations are there dealing with data privacy and protection of
data. However, the protection of privacy and data can be derived from various laws in regard to
4 Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full access to electronic medical
records." Health Expectations 17.5 (2014): 724-732.
5 Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign conditions in a statewide hospital
collaborative." American journal of obstetrics and gynecology212.3 (2015): 304-e1.
that most of them are illiterate and do not understand the complexity of the modern medical
terms, conditions, concepts as well as the treatment procedures. They do not have proper
understanding regarding the functioning of various body organs and the probable effect if such
organs were removed after a certain time4. They are not given proper access to costly diagnostic
procedures and have to act according to the guidelines prescribed by the doctors and medical
practitioners. Presently, the Indian Penal Code has stated in the provisions of Section 87 that a
person aged above 18 years can provide a valid consent however; according to the provisions of
Section 89 of the Indian Penal Code a child aged less than 12 years cannot provide valid consent.
In modern era, individuals are often confused with the concept of confidentiality and the
value of trade secrets. In this regard, privacy refers to the utilization and disclosure of personal
information which is only applicable in cases regarding the information provided to specific
group of individuals. As the concept of personal information is such that it can be regarded as the
manifestation of individual personality5. In this context, the Courts of India most importantly the
Supreme Court of India have rightly recognized the right to privacy as it forms an integral part of
right to life and liberty. The right to life and liberty is a fundamental right guaranteed to every
individual under the Indian Constitution. In this regard, the right to privacy has been provided to
every individual and utmost importance has been given by the Indian Judiciary keeping in
consideration the security of the state and community interests.
At present, no specific legislations are there dealing with data privacy and protection of
data. However, the protection of privacy and data can be derived from various laws in regard to
4 Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full access to electronic medical
records." Health Expectations 17.5 (2014): 724-732.
5 Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign conditions in a statewide hospital
collaborative." American journal of obstetrics and gynecology212.3 (2015): 304-e1.
3MEDICAL LAW
information technology, the intellectual property rights and the crimes and contractual relations.
From the very beginning, the Information Technology Act 2000 has been providing a safeguard
against certain breaches regarding data protection of computer systems. The Information
Technology Act 2000 deals with provisions for the purpose of preventing unauthorized use of
computers, computer systems and data stored within it. The Act provided personal liability in
case of illegal and unauthorized access to computers, computer systems and the information
stored within it. It is worthwhile to mention here that, the Information Technology Act 2000 has
been silent in regard to the liability on the part of the internet service providers and network
service providers dealing with data handling. According to the provisions of Section 79 of the
Information Technology Act 2000, the liability on the part of the entities can be emphasized in
regard to the concept of knowledge and capacity before the determination of existing scope of
penalties. It signifies the fact that, the network service provider and the outsourcing service
provider cannot be held liable for the acts on the part of a third party data. However, it is
important to prove that, such contravention has been caused without his prior consent and
knowledge and that he has exercised due diligence and care to prevent such offence or
contravention. In the case of Kharak Singh Vs. State of U.P (AIR 1963 SC 12956, it was
observed that if there is any violation of the provisions of the Information Technology Act 2000
in an organization, the directors were held personally liable for negligent or intentional actions.
The Indian Penal Code has not specified the liabilities for the breach of data privacy.
However, the provisions of Section 403of the Indian Penal Code has imposed criminal penalty in
regard to dishonest misappropriation of a movable property for personal use. In this regard, the
Intellectual Property Rights Act and the Indian Copyright Act has been prescribing mandatory
6 Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
information technology, the intellectual property rights and the crimes and contractual relations.
From the very beginning, the Information Technology Act 2000 has been providing a safeguard
against certain breaches regarding data protection of computer systems. The Information
Technology Act 2000 deals with provisions for the purpose of preventing unauthorized use of
computers, computer systems and data stored within it. The Act provided personal liability in
case of illegal and unauthorized access to computers, computer systems and the information
stored within it. It is worthwhile to mention here that, the Information Technology Act 2000 has
been silent in regard to the liability on the part of the internet service providers and network
service providers dealing with data handling. According to the provisions of Section 79 of the
Information Technology Act 2000, the liability on the part of the entities can be emphasized in
regard to the concept of knowledge and capacity before the determination of existing scope of
penalties. It signifies the fact that, the network service provider and the outsourcing service
provider cannot be held liable for the acts on the part of a third party data. However, it is
important to prove that, such contravention has been caused without his prior consent and
knowledge and that he has exercised due diligence and care to prevent such offence or
contravention. In the case of Kharak Singh Vs. State of U.P (AIR 1963 SC 12956, it was
observed that if there is any violation of the provisions of the Information Technology Act 2000
in an organization, the directors were held personally liable for negligent or intentional actions.
The Indian Penal Code has not specified the liabilities for the breach of data privacy.
However, the provisions of Section 403of the Indian Penal Code has imposed criminal penalty in
regard to dishonest misappropriation of a movable property for personal use. In this regard, the
Intellectual Property Rights Act and the Indian Copyright Act has been prescribing mandatory
6 Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
4MEDICAL LAW
punishment for committing piracy of copyrighted data. According to the provisions of Section
63B of the Indian Copyright Act if an individual intentionally makes use of any computer data
then he shall be punished for a considerable period of minimum six months and maximum three
years. However, it is important on the part of the Indian Courts to recognize the copyright
contained in such databases and that whether the copyright was infringed. If any infringement is
caused in respect to such databases, the existing outsourcing company may take an action under
the Indian Copyright Act.
Chapter 2:
The legal issues on patient confidentiality:
2.1. Introduction:
The legal issues regarding patient confidentiality comprises of the preservation of
confidential information of the patients. These legal issues can be can be reinforced by the
principles law in regard to the specific areas of law of contract, negligence, defamation and
certain fiduciary duties7. However, the laws pertaining to medical confidences are regarding the
disclosure of confidential matters. The legal issues involving confidentiality of the patients are
concerned with unlawful conduct in relation to health. This Chapter will review the laws related
to confidentiality and the principles governing doctor-patient relationship.
2.2. Patient Confidentiality:
7Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic stroke outcomes: a
multicenter electronic medical record intervention." Journal of the American Heart Association 5.8 (2016):
e003413.
punishment for committing piracy of copyrighted data. According to the provisions of Section
63B of the Indian Copyright Act if an individual intentionally makes use of any computer data
then he shall be punished for a considerable period of minimum six months and maximum three
years. However, it is important on the part of the Indian Courts to recognize the copyright
contained in such databases and that whether the copyright was infringed. If any infringement is
caused in respect to such databases, the existing outsourcing company may take an action under
the Indian Copyright Act.
Chapter 2:
The legal issues on patient confidentiality:
2.1. Introduction:
The legal issues regarding patient confidentiality comprises of the preservation of
confidential information of the patients. These legal issues can be can be reinforced by the
principles law in regard to the specific areas of law of contract, negligence, defamation and
certain fiduciary duties7. However, the laws pertaining to medical confidences are regarding the
disclosure of confidential matters. The legal issues involving confidentiality of the patients are
concerned with unlawful conduct in relation to health. This Chapter will review the laws related
to confidentiality and the principles governing doctor-patient relationship.
2.2. Patient Confidentiality:
7Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic stroke outcomes: a
multicenter electronic medical record intervention." Journal of the American Heart Association 5.8 (2016):
e003413.
5MEDICAL LAW
The general principles of confidential information have been outlined in the provisions of the
common law system. In this regard a duty of confidence arises on the part of the medical
practitioners when he discloses any reasonable information to the patient. However, till date
there has been no criminal conviction of a doctor for actions regarding breach of confidence in
spite of the occurrence of various civil claims and awarding damages which was observed in the
case of Cornelius v Taranto [2001] 68 BMR 628; where duty of confidence has been breached
with the revelation of medical information without receiving prior consent. In this regard, it is
worthwhile to mention here that, the medical practitioner is said to have breached a patient’s
confidentiality when he obtained in his part-
I. A necessary quality of confidence.
II. Disclosed information without receiving prior permission and detriment to the individual
to whom it has been originally communicated.
III. Has been under the domain of a public interest to protect such confidentiality.
It is worth mentioning that, confidentiality has been the core duties in medical practice. The
nature of confidentiality must be such that, it requires the doctors to keep the information related
to the patient’s health private unless there is consent on the other part to release such
information9. Patient confidentiality is important because most of the time patients share relevant
information regarding their health to the medical practitioners. Therefore, if the confidentiality of
such information is not protected then the trust vested in patient-doctor relationship diminishes.
8Cornelius v Taranto [2001] 68 BMR 62.
9Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical record implementations in
low-resource settings: a systematic review." Journal of the American Medical Informatics Association 22.2 (2015):
479-488.
The general principles of confidential information have been outlined in the provisions of the
common law system. In this regard a duty of confidence arises on the part of the medical
practitioners when he discloses any reasonable information to the patient. However, till date
there has been no criminal conviction of a doctor for actions regarding breach of confidence in
spite of the occurrence of various civil claims and awarding damages which was observed in the
case of Cornelius v Taranto [2001] 68 BMR 628; where duty of confidence has been breached
with the revelation of medical information without receiving prior consent. In this regard, it is
worthwhile to mention here that, the medical practitioner is said to have breached a patient’s
confidentiality when he obtained in his part-
I. A necessary quality of confidence.
II. Disclosed information without receiving prior permission and detriment to the individual
to whom it has been originally communicated.
III. Has been under the domain of a public interest to protect such confidentiality.
It is worth mentioning that, confidentiality has been the core duties in medical practice. The
nature of confidentiality must be such that, it requires the doctors to keep the information related
to the patient’s health private unless there is consent on the other part to release such
information9. Patient confidentiality is important because most of the time patients share relevant
information regarding their health to the medical practitioners. Therefore, if the confidentiality of
such information is not protected then the trust vested in patient-doctor relationship diminishes.
8Cornelius v Taranto [2001] 68 BMR 62.
9Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical record implementations in
low-resource settings: a systematic review." Journal of the American Medical Informatics Association 22.2 (2015):
479-488.
6MEDICAL LAW
Patient’s data is treated as private property by the hospitals and healthcare units. They are
selling the data for various clinical and medical researches and many drug development and
related companies. As per the Indian laws for the medical records the data of the patient is
treated as private property of the healthcare centers. Patients and insurers have the access to the
recorded information but still it is not completely protected. But law does not provide ownership
of the medical data exclusively, which can be transferred readily10. This is against the
confidentiality of the patients’ health records as no consent is taken from them while selling the
data to the researchers or developers.
Ethical and legal laws govern the concept of consent with respect to self determination,
individual integrity, and autonomy. The same should apply to electronic medical records systems
and the consent of the individual patient to whom the record belongs to is important in case of
access to that record by anyone other than him. This governs the right of the patient for the
confidentiality of his or her medical and personal information. Three categories of consent can
be explained i.e. implied consent, expressed consent, and informed consent. Implied consent
involves words or the behavior of the patient. Expressed consent involves oral or written consent.
Informed consent stands for detailed explanation of the situation or issue to the patient in non
medical terms and then taking his or her consent. Consent includes three related aspects which
are capacity, knowledge, and voluntariness. In today’s medical practice and healthcare valid
consent of the patient is important in any kind of diagnosis, examination, or treatment. Same
consent should be applicable when it comes to accessing the personal medical records of the
patient11.
10 Rodwin, M. A. (2010). Patient Data: Property, Privacy & the Public Interest. LEGAL STUDIES
RESEARCH PAPER SERIES.
11 CHATURVEDI, A. (2007). Consent — Its Medico-legal Aspects. Medicine Update.
Patient’s data is treated as private property by the hospitals and healthcare units. They are
selling the data for various clinical and medical researches and many drug development and
related companies. As per the Indian laws for the medical records the data of the patient is
treated as private property of the healthcare centers. Patients and insurers have the access to the
recorded information but still it is not completely protected. But law does not provide ownership
of the medical data exclusively, which can be transferred readily10. This is against the
confidentiality of the patients’ health records as no consent is taken from them while selling the
data to the researchers or developers.
Ethical and legal laws govern the concept of consent with respect to self determination,
individual integrity, and autonomy. The same should apply to electronic medical records systems
and the consent of the individual patient to whom the record belongs to is important in case of
access to that record by anyone other than him. This governs the right of the patient for the
confidentiality of his or her medical and personal information. Three categories of consent can
be explained i.e. implied consent, expressed consent, and informed consent. Implied consent
involves words or the behavior of the patient. Expressed consent involves oral or written consent.
Informed consent stands for detailed explanation of the situation or issue to the patient in non
medical terms and then taking his or her consent. Consent includes three related aspects which
are capacity, knowledge, and voluntariness. In today’s medical practice and healthcare valid
consent of the patient is important in any kind of diagnosis, examination, or treatment. Same
consent should be applicable when it comes to accessing the personal medical records of the
patient11.
10 Rodwin, M. A. (2010). Patient Data: Property, Privacy & the Public Interest. LEGAL STUDIES
RESEARCH PAPER SERIES.
11 CHATURVEDI, A. (2007). Consent — Its Medico-legal Aspects. Medicine Update.
7MEDICAL LAW
2.3. Doctor Patient Relationship:
The foundation of a doctor-patient relationship is based upon trust. With the creation of
an environment of trust, it has encouraged patients to seek reasonable care and make honest
revelations about health conditions during every health visit. The willingness on the part of the
patient to seek help and care increases considerably. It is important for the patients to share and
disclose all the medical history and information about them to the physician or the doctor for
proper medication and correct diagnosis of the issue. If there is no proper trust between on the
doctor from the patient’s side, he or she will feel hesitant in sharing all the personal details and
pertain to sharing of incomplete information. This will lead to ineffective diagnosis of the issue
and hence care and treatment provided to the patient will not be helpful and curable. It may harm
the patient adversely. It is necessary for the healthcare units and hospitals to have policies
regarding confidentiality and privacy of the personal medical records of the patient in order to
maintain the doctor-patient trust. This will help in encouraging patients to share sensitive
information to the doctor during the medical visits and leads to effective and correct treatment of
the health issue. Patient built their immense trust on the doctor and believes that he or she is
completely safe in the hands of him. It is the doctor who saves lives of people and gives
treatment and cure on time for betterment of the health of the patients. This trust should be
maintained by the doctors also and they should understand it as their responsibility towards the
confidentiality of the patients’ medical records and their personal information as saved in the
electronic medical record system. This information is very much personal to the individual and
should be accessed by anyone other than the patient upon the consent of the patient itself. The
confidentiality and privacy of the medical records and health related information of the patient
2.3. Doctor Patient Relationship:
The foundation of a doctor-patient relationship is based upon trust. With the creation of
an environment of trust, it has encouraged patients to seek reasonable care and make honest
revelations about health conditions during every health visit. The willingness on the part of the
patient to seek help and care increases considerably. It is important for the patients to share and
disclose all the medical history and information about them to the physician or the doctor for
proper medication and correct diagnosis of the issue. If there is no proper trust between on the
doctor from the patient’s side, he or she will feel hesitant in sharing all the personal details and
pertain to sharing of incomplete information. This will lead to ineffective diagnosis of the issue
and hence care and treatment provided to the patient will not be helpful and curable. It may harm
the patient adversely. It is necessary for the healthcare units and hospitals to have policies
regarding confidentiality and privacy of the personal medical records of the patient in order to
maintain the doctor-patient trust. This will help in encouraging patients to share sensitive
information to the doctor during the medical visits and leads to effective and correct treatment of
the health issue. Patient built their immense trust on the doctor and believes that he or she is
completely safe in the hands of him. It is the doctor who saves lives of people and gives
treatment and cure on time for betterment of the health of the patients. This trust should be
maintained by the doctors also and they should understand it as their responsibility towards the
confidentiality of the patients’ medical records and their personal information as saved in the
electronic medical record system. This information is very much personal to the individual and
should be accessed by anyone other than the patient upon the consent of the patient itself. The
confidentiality and privacy of the medical records and health related information of the patient
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents