Home > Topics > Ethical Practice > Confidentiality and Disclosure of Information > Confidentiality of Personal Information

Confidentiality of Personal Information


Personal health information includes all notes, radiographs, photographs, details of treatment carried out, records of appointments, payments made and any personal information about the patient (e.g. medical condition). The confidentiality of all personal health information must be maintained.



Confidentiality can sometimes be breached accidentally by a simple error such as leaving a message with a third party. Therefore, train staff in the importance of maintaining patient confidentiality and ensure that the practice policies on data protection and confidentiality are followed and that all staff comply with the DPA (see the Data Protection, Confidentiality and Information Security Policy May 2018 template (Word)).

Respect patient privacy when discussing confidential issues with patients (e.g. discussion of medical information, payment, or asking patients for proof of exemption status).

If it is necessary to share personal information with a third party and this has not been detailed in the fair processing notice/data protection policy, seek specific consent from the patient to share this information (see Consent Form Dec 2012 template (Word)).

If patients would like personal information to be withheld, explain the consequences for their care but allow the patient to make the final decision.

Ensure staff are aware of the seriousness of a breach of confidentiality and are aware that if a breach is made, disciplinary action, including dismissal, can be taken if appropriate.

Include a confidentiality clause in all staff contracts and agreements.