Present Issue 
Past Issues 

Present Issue 
Past Issues 

SMA Editorial Board 

Letters to the Editor 


This site is supported by Health ONE


The doctor-patient relationship is based and built on trust – and confidentiality of information provided is a cornerstone of this relationship. For the most appropriate medical care to be provided, patients must be confident that they can freely disclose information to their doctors. Uncertainty about confidentiality erodes confidence in the healthcare system.

The 1999 SMA Lecture(1) by Mr Choo Han Teck, Judicial Commissioner, examined the legal aspects of medical confidentiality and the philosophical basis of rights and duties of the individual and society. It provides a ethical framework to reflect on some current issues of confidentiality confronting the medical profession - issues arising from the pervasiveness of commercial forces, burgeoning healthcare technologies and the increasing demand for healthcare information from third parties for audit and research.

These current issues are discussed under the four principles governing confidentiality - that information should not be disclosed unless in the course of care of the patient, with the patient’s consent, under statutory compulsion, and in situations with strongly countervailing public interest.

In the course of care of the patient
The increasing use of integrated electronic medical records (EMR) and the ownership of and access to physical records by persons other than the patients’ own providers are two issues that need to be studied.

The concern that a nation-wide integrated EMR in Singapore, called ‘central healthcare database infringes privacy’ was the subject of a Straits Times reader’s letter published on August 19 1999. The Ministry of Health assured in a reply on the 28 August 1999 that ‘various pertinent issues including the ethical, security and legal aspects as well as patient confidentiality are being looked into before the system is implemented’.

The proposed system in Singapore aims to achieve closer integration between the EMR of the primary care providers and the hospitals to provide ‘better healthcare for all’. There is however the inevitable trade-off brought on by such aggregation of information viz. between ease of access versus security of the record, between timeliness in situation when expressed consent is not possible, versus the need for consent based on specific needs/time period. Thirdly there is also the utility of keeping only clinically significant records versus the temptation of accumulating detailed data from all sources.

Until these issues regarding confidentiality are ironed out, it may be prudent to implement integrated EMR on a limited basis on critical information, like drug allergies, and comprehensively only on an ‘opt-in’ bases to benefit those with complex medical conditions. A submission on the same subject by the American Medical Association in 1997 to a subcommittee of the US National Committee on vital and health statistics provides a good overview of these issues(2).

Though Information technology wizardry and legal reforms may provide best-fit solutions to some of the above problems, the medical profession must also keep its house in order. Rind et al(3) cautioned that the most common threat to confidentiality is the inappropriate accessing of information by authorised healthcare providers. It is onerous to audit the legitimacy of access for contextual patient care. Also as many institutions would be participating, the prevention, detection and punishment for cross-institution violations would have to be agreed. Confidence in the reliability and veracity of information in the EMS is crucial. In an editorial in the Annual of Internal Medicine, ‘Reduction of Medical Verbiage: Fewer Words, More Meaning’(4), Voytovich cautioned that the tradition of physicians relying heavily on a larger, less precise terminology (than say air-traffic controllers) could diminish the benefits of integration across institutions with different practice cultures.

There is a need to ensure that the computer axiom of “GIGO”, garbage in, garbage out, do not visit these records. A central research and pedagogic authority like the Reed Institute funded by NHS in Great Britain should be considered in Singapore to standardise terms and codes, to educate users and to monitor the system.

Aside from EMR, the ownership and trusteeship of physical medical records also impacts on confidentiality. Our healthcare system allows for non-doctors and commercial organisations to own medical establishments and therefore, the paper in paper-based records and the physical media in which EMR are stored.

They may have a legal but not the same ethical obligation as doctors to patients on confidentiality. An English High Court ruled in May 1999 that doctors and pharmacists who sell information about doctors’ prescriptions to a database company for commercial use would breach patient confidentiality even though the information was anonymised(5). The ethical constraints of using such data may not apply to non-doctor entities. There is a need to work out explicit rules about disclosure and release of such records and punishments for violation if the information is used for commercial gains or in an unauthorised manner.

With the patient’s consent
A member of the public wrote to SMA on 3 February 1999 regarding her “Hobson’s Choice” on medical benefits when she joined a multinational company. She was asked to sign a statement that read as follows, “I hereby authorise my doctor, medical practitioner, hospital or clinic by whom or where I have been observed or treated, to give particulars about my whole medical history to the company’s benefits service centre. A photo copy of this authorisation shall have the full effects of the original authorisation”(6).

Explicit consent for disclosure is legally given if that document is signed under non-coercive and informed circumstances. However in this particular case, the patient was asked to sign the document before a mandatory pre-employment medical examination as a condition for employment. Should the medical profession therefore take stewardship to ensure that the balance be in the patient’s best interest and garnered the support of consumer advocates, civil rights groups and employee’s unions against such ‘unfair’ practices?

Third party payers also exert pressures on doctors. A doctor lamented on 14 January 1999 to SMA that “it has now become common practice for third party payers and insurance companies to demand that diagnosis be stated on the claim form before the amount claimed can be approved and paid to the medical practitioner submitting the claim. The patient’s consent is not specifically sought. Doctors “want to do the right thing, only to find themselves shut from the ‘contracts’“.

It would be a pity if patients in third party payer schemes do not have the choice of seeing doctors who opted out because they are unwilling to compromise patient’s confidentiality. Would pragmatists see these ‘conscientious objectors’ as being out of touch with the times and unnecessarily inflexible?

While there are legitimate needs for defined information by third-party payers, employers and healthcare managers, to ensure a well managed system, unfettered and unauthorised access can lead to intrusion into privacy of patients and discriminatory profit-driven practices. An alliance of consumer advocates employee’s unions and the medical profession is needed to check the excesses. It would be a ‘tragedy of the commons’ if all concern groups look away and pretend that only doctors are involved.

Under statutory compulsion
Confidentiality is not absolute in the eyes of the law. A court can order a doctor to breach the confidentiality of his patients and there are laws in most countries enacted in public interest to compel disclosure and notification of certain infectious diseases.

In Singapore, the Private Hospital & Medical Clinics (Amendment) Act of 1999 passed recently empowered the Director of Medical Services to compel healthcare establishments to furnish such information relating to ‘the condition, treatment and diagnosis of any person... notwithstanding that the prior consent of such person has not been obtained.’

When the Ministry conducted a ‘survey on antibiotic prescribing practices in general practices’ in June 1999 by mandating the submission of photocopy of the daily dispensing register, some doctors were uncertain it would be unethical to provide the information as the register also contains patient’s personal particulars. The Ministry assured concerned doctors, through the President SMA on 25 June 1999, that personally identifiable medical information would not be included in the data set and that the concerns on confidentiality is noted.

A request for de-identified data would skirt the ethical issue. The providers can easily remove identifying information in EMR. However, the exercise to segregate such data in paper-based records is laborious, if not impossible. Whether the doctor can be found unethical in providing information not de-identified in complying with this Act (should a breach of confidentiality ensures) still remains to be clarified.

While accepting the vital role that research and audit can play for the overall health of the system, the tenuous balance between patients privacy and access to data in the public interest must still be maintained even if greater cost and effort is needed.

Strongly countervailing public interest
Professor of Law in Manchester University, Margaret Brazier believed that ‘wider public interest may come before issues of confidentiality’(7). She argued that the wider public interest in preventing harm to others and preventing crime could exceptionally outweigh both the private and public interest in confidentiality. However, “there must be a real and serious risk of some other person or persons suffering harm if the confidence is not broken. Breaking confidence must be shown to the only effective means of avoiding or minimising that harm.

This appeared to be the rationale for the 1999 amendment in Singapore to “The Infectious Disease Act” section 20D. While the traditional breach of confidentiality pertains only to the statutory requirement to notify the authorities in the list of gazetted infectious diseases, it is now amended in the case of patients who are HIV positive. The amendment allow doctors to inform spouse, former spouse and contacts of HIV infected persons if the doctors reasonably believe that there is significant risk of infection to such persons and the HIV infected person has refused to inform or consent to inform these people despite due counseling. The doctor may also apply to the Director of Medical Service if he was unable to counsel the HIV positive patient.

Confidence on Confidentiality
Doctors and advocates of patients must collectively grapple with the implications of the new economics and technologies on the ethics of medical practice and preserve this confidence on confidentiality. Reaffirmation of the medical profession commitment in our ethical codes can renew the patient’s faith in his doctor.

Editorial Note: This commentary is based on A/Prof Cheong’s presentation at the SMA Ethics Convention Seminar on Patient Confidentiality which was held on 28 November 1999, after the 1999 SMA Lecture. The full report of the seminar will be published in subsequent issue of the SMA News.



1. Choo HT. Confidence and Confidentiality _ Aspects of the Law, Singapore Med J 1999; 40:726-32.
2. American Medical Association Statement to Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics on Confidentiality of Patient Medical Records February 19 1997.
3. Rind DM, et al. Maintaining the Confidentiality of Medical Records shared over the Internet and the World Wide Net Ann Intern Med 1997; 127:138 -141.
4. Voytovich AE. Reduction of Medical Verbiage: Fewer Words, More Meaning Ann Intern Med 1999; 131:146_7.
5. Dryer C. Sales of prescription data beaches confidentiality Br Med J 1999; 318:1505.
6. Cheong PY. Confines of Confidentiality SMA News Mar 1999 N2
7. Brazier M. Wider public interest may come before issues of confidentiality Br Med J 1998; 316:57.