While confidentiality and ethics hold a key position within modern paramedic practice, they are not new phenomena. As an embryonic profession, paramedics turned to medical colleagues who recall the Hippocratic Oath as a source in which the principle meaning of medical confidentiality can be traced back some 2500 years (Edelstein, 1943).
The Oath, in its original form, provided a rough code of ethical practice for early physicians. This included a duty to:
With regards to confidentiality, the Oath states:
‘All that may come to my knowledge in the exercise of my profession or outside of my profession or in daily commerce with men, which ought not to be spread abroad, I will keep secret and will never reveal’ (Association of American Physicians and Surgeons (AAPC), 2016).
It is interesting that the Oath deals with privacy, as the modern paramedic is well-versed in the need to protect patient privacy, and subsequently protect themselves. The Health and Care Professions Council (HCPC) (2012) gives clear directions on the standards expected. It would seem that there is an affinity between the Oath and modern guidance on confidentiality: both seek to maintain privacy on the basis that this protects patient welfare. However, the Oath came before modern confidentiality guidance; therefore, it must be the foundation for its existence.
Hippocratic confidentiality is based upon the idea of privacy, and the precedent of privacy or secret-keeping was most certainly not an invention of the ancient Greeks. Modern confidentiality is also based on privacy. However, as privacy predates the Oath, it can be asserted that while the Oath contains a certain confidentiality clause, it cannot be acknowledged as the sole source of modern medical confidentiality.
Hippocratic Oath and the modern law of confidentiality
Clinical confidentiality has not simply sprung from the Oath into the latest HCPC guidance. Its development can be plotted through a series of important stepping stones. Modern confidentiality is thought to have originated from the work of Thomas Percival, an English physician, who in the late 1790s penned a code of conduct that evolved into ‘medical ethics’. He stated:
‘And the familiar and confidential intercourse, to which the faculty are admitted in their professional visits, should be used with discretion, and with the most scrupulous regard to fidelity and honour’ (Percival, 2017).
More recently, the World Medical Association (WMA) stated in the Declaration of Geneva, the Physician's Oath:
‘A doctor owes to his patient absolute secrecy on all which has been confided to him’ (WMA, 1948).
Oath-based systems, however, are more like guiding principles than a legitimate code of ethics. Instead, patient confidentiality is found in a variety of legal and professional sources that can be split into two main categories:
General confidentiality
The concept of confidentiality exists far beyond a paramedic's practice, and there is a plethora of laws designed to protect individuals' confidential information. These apply as much to paramedicine as to any other area of everyday life; and if a law aims to protect private information, it follows that this will include information allied to clinical treatment (Jackson, 2013). It's a given that medical treatment will often involve the disclosure of information of a highly intimate nature.
Modern privacy law comes not from the ability to prevent the disclosure of information, but instead to prevent access to that information in the first place. In contrast, clinical information is, by definition, already disclosed and ‘out in the open’ as it is only of practical use once disclosed to the paramedic. Thus, the laws that concern protecting patient confidentiality are those that deal purely with unauthorised disclosure. Article 8 of the Human Rights Act 1998 declares that an individual has a:
‘right to respect for his private and family life, his home and his correspondence.’
As already stated, clinical information has a private quality; therefore, it is covered by the Article (Human Rights Act, 1998). However, Article 8 (1998) states that this right is not absolute, and advises disclosure of information for reasons such as national security; public safety and health; prevention of crime; or for the protection of others' rights and freedoms. As an example, in Z vs. Finland [1997], the claimant was HIV-positive and had been convicted of a number of sexual offences. He brought a case against his country stating an infringement of Article 8 as the police had requested access to the claimant's medical records to identify when he acquired the disease in order to establish at-risk victims. The claim failed.
Even if information is of a clinical nature, it will not always attain absolute confidentiality under Article 8. For example, a patient may disclose an illness to a paramedic; that paramedic can disclose the information to another body for research or statistic-gathering purposes, as long as they take sufficient measures to ensure it remains confidential. Thus, under Article 8, the essence of clinical confidentiality is not whether the information itself is private, but whether it might be associated with a particular individual. This view exists even when the chance that disclosure might result in the identification of a patient is minute. In HPC vs. Harling [2009], a paramedic shared an X-ray image on social media. The image was unusual so it was possible to link it to a specific patient. Having already lost his job with the ambulance trust, the paramedic received a caution owing to a grave breach of patient confidentiality.
Although Article 8 will usually bind paramedics, they are operating in a system that does provide exceptions to confidentiality. This stance of the Human Rights Act on confidentiality arguably has an advantage over the simplistic, oath-based version seen in the Hippocratic Oath. On balance, the Hippocratic Oath existed in a world where it was the only system of law or ethics. Today, confidentiality is one ethical principle that must be balanced against other principles such as freedom of information and protection of public health.
Schedule 1 of The Data Protection Act (1998) also forms an important safeguard against unauthorised disclosure. It records that:
‘personal data shall be processed fairly and lawfully’ (The Data Protection Act, 1998).
Patient information meets this definition—in the usual sense of the word ‘personal’, but also in law—as per HPC vs. Harling [2009] above. The definition of ‘fairly and lawfully’ is housed in Schedule 2 (Data Protection Act, 1998). The Act offers situations where information is ‘processed’ and includes instances of patient consent, where disclosure will protect the patient's interests (1998). Consider normal prehospital care; a paramedic will treat the patient and possibly transfer them to hospital. The patient will be handed over to nurses and doctors who will administer treatment. Thus, for any system of clinical confidentiality to operate, there must be a clause that allows disclosure for the purpose of treatment. Alongside addressing non-disclosure, modern confidentiality also concerns the proper storage and protection of patient information since it exists, by necessity, outside of the minds of the patient and the paramedic.
Specific clinical confidentiality
It is intriguing to see how professional guidance has developed to define how confidentiality should be protected. Just as the Oath is not a law, but a set of professional guidelines that doctors agreed to (Jackson, 2013), so too is the HCPC guidance.
In terms of practical application, it is professional guidance that provides the most relevant information to the everyday clinical practice of a paramedic. Paramedics might be aware that the Human Rights Act underpins confidentiality, and their responsibility under the Data Protection Act (1998), but it will be professional guidance from their regulator that they will consult when needed. It is also imperative to acknowledge that although professional guidance does not hold the status of law, it does provide the standards that must be met to avoid fitness-to-practise proceedings. HCPC guidance describes the confidentiality duty, stating:
‘a professional responsibility because the standards are there to protect the public […] you should protect the confidentiality of service users at all times’ (HCPC, 2012).
However, paramedics should be wary. While this guidance may appear to contain clear exceptions, the application is a little less clear in practice. In the case of Hunter vs. Mann [1974], the police approached a doctor pursuing information about two patients he had treated. It was believed the patients had been involved in a hit-and-run incident. The doctor had a duty to disclose this information under section 168 of the Road Traffic Act 1972, but refused to do so on the basis that he would have breached his duty of confidentiality. The courts rejected this argument and fined the doctor. It appears the courts will ignore the duty of confidentiality where the law demands it. The judge quoted the British Medical Association's guidance and stated that the breach of confidentiality was acceptable (Nicholas, 2007).
Similar to general confidentiality, clinical confidentiality has developed far beyond the bounds of the original Oath. Professional guidelines allow professional paramedics to suitably manage the situations unravelling before them, while simultaneously appreciating that there are few situations where disclosure is permissible—either because the law demands it, or because it would be in the public interest to do so. Despite nearly 2500 years between the Hippocratic Oath and the modern HCPC standards on confidentiality, a clear precedence exists. The current standard states:
‘you must not knowingly release any personal or confidential information to anyone who is not entitled to it, and you should check that people who ask for information are entitled to it’ (HCPC, 2012).
While modern confidentiality emanates from the Hippocratic Oath, its existence can't be entirely attributed to it. There are clearly common elements between the two, but it is doubtful that a world without a Hippocratic Oath would not involve clinical confidentiality. It follows that the robust nature of confidentiality law has enabled patients' rights to be protected in a much more practical and holistic manner than the Oath originally did. It also follows that a paramedic's approach towards confidentiality is much more comprehensive, accepting the complicated situations that manifest in the prehospital clinical environment.