Healthcare confidentiality, which also can be referred to as doctor-patient privilege or patient confidentiality, is the obligation of a health care practitioner to keep a patient’s healthcare information private. This obligation dates all the way back to Hippocrates and is legally enforceable. Keeping a patient's records private is vital for many reasons, particularly because it allows the patient to feel free to disclose any information needed about his or her health without fear of disclosure to other persons or organizations. In most cases, a patient must authorize the release of any information in writing, but there are several instances where patient information may be shared without written consent.
The obligation to maintain healthcare confidentiality has existed since the time of the ancient Greek physician Hippocrates. The famous Hippocratic Oath that is still sworn by doctors today includes an explicit promise to "keep inviolably secret" any information learned about a patient in the course of performing a doctor's professional duties. This obligation was made enforceable by law in the U.S. with the passage of the Healthcare Insurance Portability and Accountability Act, also known as HIPAA, in 1996. This law includes provisions for the maintenance of confidentiality and makes violations punishable by fines and imprisonment.
The American Medical Association (AMA) Code of Ethics, also stresses the importance of healthcare confidentiality. The AMA maintains that this ethical obligation is vital to facilitate proper patient care. Confidentiality allows the patient to feel free to fully disclose any information that might be useful to the doctor for treatment purposes, thereby allowing the doctor to make informed decisions about patient care. It also allows the patient to have control over who has access to his or her most private medical details. Healthcare confidentiality can also protect patient privacy by preventing disclosure of information to acquaintances or loved ones until the patient decides to share it.
To preserve healthcare confidentiality, a patient's private medical records can only be released to another person or organization if that patient signs a written authorization. The form authorizing this is typically called a release; it usually specifies who will be releasing information, what information is to be released, and to whom. According to the rules of healthcare confidentiality, this is necessary for any access to medical records by anyone with a few important exceptions.
The exceptions where written consent is not required include the parents of a minor child, medical personnel involved in the patient's treatment, and when a patient is transferred from one facility to another. There are also a few very special instances where the disclosure of private information by healthcare practitioners is actually required by law. Such instances include if a patient suffered an injury caused by a weapon, if there is reasonable suspicion of abuse, or if the patient is likely to harm him- or herself or another person.