A surgeon member, who defended a civil suit for sharing health information about a patient with two doctors without express consent, has been found not to have breached privacy laws.
The patient filed a complaint against the member, for breach of privacy, with the state’s civil and administrative tribunal. The patient, who had consulted the member for a second opinion, claimed the member’s actions had irreparably damaged the doctor-patient relationship with their usual treating surgeon.
Patient omission raises concerns for member
The patient had a history of diabetes and had undergone a right-sided lower limb amputation due to a severe infection of the limb. The amputation of the patient’s foot had since placed significant pressure on the left foot, leaving the patient with nerve damage and a misshapen left foot.
The patient consulted the member for a second opinion. From the medical history and symptoms the patient described, the member recognised the case as it had been discussed – in a strictly de-identified way – by one of their colleagues at a clinical conference they attended. The member gave evidence that while discussing the patient’s medical history, the patient had been deceptive and denied knowledge of the cause of the right-side foot infection and the diagnosis for the underlying disease in the left side.
According to the member, the patient 'pushed hard' for a surgical solution to the problem with the left foot. The member advised that surgery in the near future would be dangerous and there was a risk they could lose their remaining leg; therefore it was not in the patient’s interests to pursue this course.
Due to the member’s concerns the patient may inaccurately report the consultation to their usual surgeon, which could lead to surgery being conducted too soon, they considered it necessary and appropriate to share the explicit advice they had provided to the patient with the patient’s usual surgeon and referring GP.
The patient had purposely not named their usual surgeon during the consultation, or in forms they filled out prior to the consultation, because they did not want their usual surgeon to know they were getting a second opinion.
At the end of the consultation, the member advised the patient they would write to the patient’s treating doctors and send the patient a copy. The member knew who the usual surgeon was because of the clinical conference and they saw the name on an x-ray the patient brought with them.
Tribunal finds member acted out of concern
The patient filed a complaint, claiming the member had breached their privacy by disclosing their information to their treating surgeon without their consent. The patient claimed the trust between them and their usual surgeon had been irreparably damaged by the letter sent by the member.
The member told the tribunal that, should the patient have surgery too soon, it would likely lead to infection and amputation of the left foot – an outcome they described as “tragic.”
The member emphasised that appropriate continuity of care was dependent on sharing information between doctors involved in the matter. Where information had been shared, the member said they did so because they had a responsibility to the patient.
While the tribunal accepted the patient had not expected their health information to be shared, it found this was an unreasonable expectation given the seriousness of the medical condition.
The tribunal accepted Avant’s submission on behalf of the member that the health information had been disclosed to the patient’s usual surgeon and used for the primary purpose for which it was collected – to contribute to the patient’s medical management – in accordance with the privacy principles.
The tribunal accepted the member had been concerned the patient did not understand the seriousness of the clinical situation and had not accepted their advice that surgery too soon would likely result in a second amputation, and they seemed determined to have surgery to correct the shape of their foot.
Ultimately, the tribunal found the member acted out of concern for the patient and had not breached the patient’s privacy. In writing to the patient’s usual surgeon, the member was communicating about the medical management of their condition and acting in their best interests.
Privacy breaches
While the tribunal found the health information had been shared in the patient's best interests, this unique case serves as a timely reminder for all doctors to be familiar with their privacy and confidentiality obligations. Particularly, after new privacy laws were introduced on 22 February 2018. Remember:
- Ensure you inform patients about how your practice manages health information, including disclosure of information to third parties.
- To review your practice’s privacy policy in line with the new privacy laws.
- Make privacy everyone’s business – train all your staff and ensure they comply.
Further resources:
Unsure about what you can share?
If you are unsure about whether you can release information to a third party, check with the patient, or email our Medico-Legal Advisory Service (MLAS) on nca@avant.org.au or call 1800 128 268 for expert advice, 24/7 in emergencies.