Disclosure of information & data protection

Question 1

What do the GMC state is central to maintaining trust in a doctor-patient relationship?

Answer 1

Confidentiality

Question 2

Implied consent is sufficient if all of which 4 criteria are met?

Answer 2

Disclosure is to support patient’s direct care

Patients can access info about how data are used and processes for objection

You have no reason to believe they have objected or would object

You’re satisfied that those you’re disclosing to also know the data are confidential and will treat them as such

Question 3

Which test does paragraph 29 on GMC guidance state can be used to determine whether you think explicit consent for sharing a patient’s data needs to be gained?

Answer 3

Surprise test - if you suspect a patient would be surprised to learn about how you are accessing or disclosing their personal information, you should ask for explicit consent

Question 4

Disclosure for secondary purposes is permitted if any of which 3 criteria are obtained?

Answer 4

The disclosure is required by law, including by the courts

The patient has given explicit consent

The disclosure is approved through a statutory process that sets aside the common law duty of confidentiality

The disclosure can be justified in the public interest

Question 5

Which 2 pieces of legislation cover data protection in the UK?

Answer 5

UK GDPR

Data Protection Act 2018

Question 6

What are the 7 principles of the GDPR?

Answer 6

Lawfulness, fairness + transparency

Purpose limitation

Data minimisation

Accuracy

Storage limitation

Integrity + confidentiality (security)

Accountability

Question 7

Under which 2 pieces of legislation can patients request any and all data about them?

Answer 7

Subject Access Request under DPA

Access to Health Records Act 1990